sky.pasukanantidepo.shop Open in urlscan Pro
2606:4700:3034::6815:312f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sky.pasukanantidepo.shop/
Effective URL:
https://sky.pasukanantidepo.shop/
Submission: On January 25 via api (January 25th 2024, 1:53:09 am UTC) from US — Scanned from US

Summary HTTP 1361 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 83 IPs in 8 countries across 101 domains to perform 1361 HTTP transactions. The main IP is 2606:4700:3034::6815:312f, located in United States and belongs to CLOUDFLARENET, US. The main domain is sky.pasukanantidepo.shop.
TLS certificate: Issued by E1 on December 1st 2023. Valid for: 3 months.

This is the only time sky.pasukanantidepo.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	2606:4700:303... 2606:4700:3034::6815:312f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 14	2606:4700:303... 2606:4700:3035::6815:5055	13335 (CLOUDFLAR...) (CLOUDFLARENET)
140	192.0.72.23 192.0.72.23	2635 (AUTOMATTIC) (AUTOMATTIC)
17	142.4.219.198 142.4.219.198	16276 (OVH) (OVH)
6	2607:f8b0:400... 2607:f8b0:4004:c09::84	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3032::ac43:d74f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 8	2606:4700:303... 2606:4700:3037::ac43:b044	13335 (CLOUDFLAR...) (CLOUDFLARENET)
57	2606:4700:10:... 2606:4700:10::6814:4f63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:303... 2606:4700:3037::ac43:84cf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	149.56.240.128 149.56.240.128	16276 (OVH) (OVH)
57	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c19::5f	15169 (GOOGLE) (GOOGLE)
72	3.162.163.118 3.162.163.118	16509 (AMAZON-02) (AMAZON-02)
31	18.221.210.46 18.221.210.46	16509 (AMAZON-02) (AMAZON-02)
1	104.18.34.83 104.18.34.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:303... 2606:4700:3031::ac43:b058	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1 1	2606:4700:303... 2606:4700:3032::ac43:b4fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.21.33.16 52.21.33.16	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
11	108.156.91.83 108.156.91.83	16509 (AMAZON-02) (AMAZON-02)
28	2606:4700:20:... 2606:4700:20::681a:d3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10 14	141.94.171.212 141.94.171.212	16276 (OVH) (OVH)
17 28	104.126.112.185 104.126.112.185	16625 (AKAMAI-AS) (AKAMAI-AS)
17	2606:4700:303... 2606:4700:3030::ac43:a16f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	52.84.18.2 52.84.18.2	16509 (AMAZON-02) (AMAZON-02)
60	23.34.59.18 23.34.59.18	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
35	85.187.128.38 85.187.128.38	55293 (A2HOSTING) (A2HOSTING)
1	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
28	3.162.174.37 3.162.174.37	16509 (AMAZON-02) (AMAZON-02)
13 13	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 5	52.95.251.104 52.95.251.104	16509 (AMAZON-02) (AMAZON-02)
33 59	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
34 35	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 25	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 10	34.197.192.192 34.197.192.192	14618 (AMAZON-AES) (AMAZON-AES)
1 3	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2606:4700:10:... 2606:4700:10::6816:3262	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12 15	172.253.122.155 172.253.122.155	15169 (GOOGLE) (GOOGLE)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
2	34.86.110.8 34.86.110.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.7.64.229 23.7.64.229	16625 (AKAMAI-AS) (AKAMAI-AS)
1 30	63.251.86.50 63.251.86.50	10913 (INTERNAP-BLK) (INTERNAP-BLK)
2 8	34.234.61.205 34.234.61.205	14618 (AMAZON-AES) (AMAZON-AES)
36	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
24	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2607:f8b0:400... 2607:f8b0:4004:c1b::84	15169 (GOOGLE) (GOOGLE)
27	3.95.90.76 3.95.90.76	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:303... 2606:4700:3037::6815:605a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:303... 2606:4700:3033::ac43:c223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 27	18.160.213.74 18.160.213.74	16509 (AMAZON-02) (AMAZON-02)
10 276	172.96.191.134 172.96.191.134	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
49 49	3.233.146.200 3.233.146.200	14618 (AMAZON-AES) (AMAZON-AES)
6 6	13.59.48.188 13.59.48.188	16509 (AMAZON-02) (AMAZON-02)
1 1	35.226.42.89 35.226.42.89	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
22 22	35.236.220.17 35.236.220.17	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
23	63.251.86.51 63.251.86.51	10913 (INTERNAP-BLK) (INTERNAP-BLK)
7 7	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
23 46	54.85.120.53 54.85.120.53	14618 (AMAZON-AES) (AMAZON-AES)
3 3	54.161.18.58 54.161.18.58	14618 (AMAZON-AES) (AMAZON-AES)
3 4	34.229.3.43 34.229.3.43	14618 (AMAZON-AES) (AMAZON-AES)
12 12	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
6 6	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
8 8	68.67.160.117 68.67.160.117	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	54.204.112.220 54.204.112.220	14618 (AMAZON-AES) (AMAZON-AES)
15	75.2.13.80 75.2.13.80	16509 (AMAZON-02) (AMAZON-02)
2 2	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
6 7	3.237.59.54 3.237.59.54	14618 (AMAZON-AES) (AMAZON-AES)
1 1	44.218.239.184 44.218.239.184	14618 (AMAZON-AES) (AMAZON-AES)
2	34.202.176.34 34.202.176.34	14618 (AMAZON-AES) (AMAZON-AES)
2 2	104.18.21.134 104.18.21.134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 19	52.201.104.25 52.201.104.25	14618 (AMAZON-AES) (AMAZON-AES)
4 4	34.226.133.129 34.226.133.129	14618 (AMAZON-AES) (AMAZON-AES)
3 3	207.198.113.90 207.198.113.90	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
2 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	54.147.59.32 54.147.59.32	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:e6:... 2606:4700:e6::ac40:ce0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 7	44.206.54.3 44.206.54.3	14618 (AMAZON-AES) (AMAZON-AES)
1 2	51.222.241.100 51.222.241.100	16276 (OVH) (OVH)
1 2	2606:4700:1::... 2606:4700:1::6813:824c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	216.22.16.73 216.22.16.73	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2 2	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
1	2600:1f18:ed:... 2600:1f18:ed:550a:6220:97e8:2a1e:4cc1	14618 (AMAZON-AES) (AMAZON-AES)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	104.17.215.204 104.17.215.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	40.71.11.141 40.71.11.141	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 7	13.225.214.117 13.225.214.117	16509 (AMAZON-02) (AMAZON-02)
1 2	34.232.140.51 34.232.140.51	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.4.73.70 52.4.73.70	14618 (AMAZON-AES) (AMAZON-AES)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
8 8	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	18.160.249.36 18.160.249.36	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
1 1	35.168.34.202 35.168.34.202	14618 (AMAZON-AES) (AMAZON-AES)
3 3	3.219.59.246 3.219.59.246	14618 (AMAZON-AES) (AMAZON-AES)
1 2	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2600:9000:211... 2600:9000:211c:1200:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3033::6815:e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	18.164.116.98 18.164.116.98	16509 (AMAZON-02) (AMAZON-02)
1	54.166.215.153 54.166.215.153	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:303... 2606:4700:3036::ac43:8f7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	199.38.167.131 199.38.167.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
2	45.76.151.5 45.76.151.5	() ()
2 2	13.225.63.48 13.225.63.48	() ()
1	2607:f8b0:400... 2607:f8b0:4004:c07::5f	() ()
1361	83

14 2606:4700:3034::6815:312f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sky.pasukanantidepo.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3035::6815:5055 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

m2.treksantuy.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bolo.treksantuy.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

140 192.0.72.23 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

antoboomerblog.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.4.219.198 (Canada)

ASN16276 (OVH, FR)
PTR: ns5000868.ip-142-4-219.net

s4is.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c09::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:d74f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

treksantuy.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3037::ac43:b044 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

widget.angkapaito.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wget.angkapaito.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 2606:4700:10::6814:4f63 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3037::ac43:84cf (United States)

ASN13335 (CLOUDFLARENET, US)

king.laskar2d.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 149.56.240.128 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534296.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 3.162.163.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-163-118.ord56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 18.221.210.46 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-221-210-46.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.34.83 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3031::ac43:b058 (United States)

ASN13335 (CLOUDFLARENET, US)

bolo.treksantuy.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:b4fc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

treksantuy.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.33.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: us-ip-1.short.io

momen.tm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 108.156.91.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-91-83.ord56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:20::681a:d3c (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 141.94.171.212 (France) 10 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 104.126.112.185 (New York, United States) 17 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-185.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3030::ac43:a16f (United States)

ASN13335 (CLOUDFLARENET, US)

rtx.dudasoleh.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.84.18.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-18-2.ord53.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 23.34.59.18 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-34-59-18.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.34 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 85.187.128.38 (Singapore, Singapore)

ASN55293 (A2HOSTING, US)
PTR: sg1-tr1.supercp.com

markas-prediktor.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kaptenoleng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bungaprediction.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
w1.bungaprediction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 3.162.174.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-174-37.ord56.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.223.40.198 (United States) 13 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.95.251.104 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-95-251-104.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 35.244.154.8 (Kansas City, United States) 33 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ei.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rc.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 107.178.254.65 (Kansas City, United States) 34 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.197.192.192 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-192-192.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.117.77.79 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3262 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.253.122.155 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-tc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.22 (Chicago, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

lex.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.86.110.8 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.110.86.34.bc.googleusercontent.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.7.64.229 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-64-229.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 63.251.86.50 (United States) 1 redirects

ASN10913 (INTERNAP-BLK, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.234.61.205 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-61-205.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2607:f8b0:4004:c1b::84 (Washington, United States)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 3.95.90.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-90-76.compute-1.amazonaws.com

track2.securedvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:605a (United States)

ASN13335 (CLOUDFLARENET, US)

wget.angkapaito.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3033::ac43:c223 (United States)

ASN13335 (CLOUDFLARENET, US)

raja.hoki2d.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 18.160.213.74 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-160-213-74.ord58.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

276 172.96.191.134 (Singapore, Singapore) 10 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.134-static.reverse.arandomserver.com

zona-bermain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 3.233.146.200 (Ashburn, United States) 49 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-146-200.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.59.48.188 (Columbus, United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-59-48-188.us-east-2.compute.amazonaws.com

he.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.226.42.89 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 89.42.226.35.bc.googleusercontent.com

p.alcmpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 35.236.220.17 (Washington, United States) 22 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 63.251.86.51 (United States)

ASN10913 (INTERNAP-BLK, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:112:f002:bbbb::23 (United States) 7 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 54.85.120.53 (Ashburn, United States) 23 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-120-53.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nlsn.thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.161.18.58 (United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-18-58.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.229.3.43 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.225.218.10 (Ashburn, United States) 12 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.194.49 (United States) 6 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtd-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 68.67.160.117 (Jersey City, United States) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.204.112.220 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-112-220.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 75.2.13.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com

connect-metrics-collector.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.3 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.155.104 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.237.59.54 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-237-59-54.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.218.239.184 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-218-239-184.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.202.176.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-176-34.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.21.134 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

idsync.reson8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 52.201.104.25 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-104-25.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.226.133.129 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-133-129.compute-1.amazonaws.com

thrtl.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 207.198.113.90 (Herndon, United States) 3 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 2 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.147.59.32 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-59-32.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e6::ac40:ce0d (United States)

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 44.206.54.3 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-54-3.compute-1.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.222.241.100 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: haproxy-ca-011.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wt.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:824c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.22.16.73 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.43 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550a:6220:97e8:2a1e:4cc1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.215.204 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.71.11.141 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.225.214.117 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-117.ewr50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.232.140.51 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-140-51.compute-1.amazonaws.com

tag.crsspxl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.73.70 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-73-70.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 162.19.138.117 (Frankfurt am Main, Germany) 8 redirects

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.249.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-249-36.ord58.r.cloudfront.net

audex.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.34.202 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-34-202.compute-1.amazonaws.com

pixel.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.219.59.246 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-59-246.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.68 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211c:1200:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:e31 (United States)

ASN13335 (CLOUDFLARENET, US)

dtsedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.116.98 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-98.jfk50.r.cloudfront.net

ads.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.166.215.153 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-215-153.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:8f7f (United States)

ASN13335 (CLOUDFLARENET, US)

opesia.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.38.167.131 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.76.151.5 (None, )

ASN- ()

wblog.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.63.48 (None, ) 2 redirects

ASN- ()

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::5f (None, )

ASN- ()

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
276	zona-bermain.com 10 redirects zona-bermain.com	4 MB
140	wordpress.com antoboomerblog.files.wordpress.com	88 MB
124	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 5021 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6723 data-beacons.s-onetag.com — Cisco Umbrella Rank: 14306 connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 5129	397 KB
103	histats.com s4is.histats.com — Cisco Umbrella Rank: 634486 s10.histats.com — Cisco Umbrella Rank: 14576 s4.histats.com — Cisco Umbrella Rank: 14129	382 KB
96	sharethis.com 1 redirects pd.sharethis.com — Cisco Umbrella Rank: 12612 t.sharethis.com — Cisco Umbrella Rank: 5730 sync.sharethis.com — Cisco Umbrella Rank: 2756	227 KB
59	lijit.com 7 redirects ap.lijit.com — Cisco Umbrella Rank: 671 he.lijit.com — Cisco Umbrella Rank: 2846 ce.lijit.com — Cisco Umbrella Rank: 859	57 KB
59	rlcdn.com 33 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 451 ei.rlcdn.com — Cisco Umbrella Rank: 2742 rc.rlcdn.com — Cisco Umbrella Rank: 4625	4 KB
57	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 16248 t.dtscout.com — Cisco Umbrella Rank: 13665	94 KB
50	liadm.com 49 redirects i.liadm.com — Cisco Umbrella Rank: 550 i6.liadm.com — Cisco Umbrella Rank: 2884	41 KB
46	thrtle.com 23 redirects thrtle.com — Cisco Umbrella Rank: 1397 nlsn.thrtle.com — Cisco Umbrella Rank: 20005	24 KB
38	crwdcntrl.net 6 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898 sync.crwdcntrl.net — Cisco Umbrella Rank: 853	143 KB
36	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	599 KB
35	pippio.com 34 redirects pippio.com — Cisco Umbrella Rank: 790	1 KB
28	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12324	42 MB
28	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 14516	13 KB
27	intentiq.com 1 redirects api.intentiq.com — Cisco Umbrella Rank: 1555	2 KB
27	securedvisit.com track2.securedvisit.com — Cisco Umbrella Rank: 4440	5 KB
26	treksantuy.xyz 6 redirects m2.treksantuy.xyz bolo.treksantuy.xyz	4 MB
25	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349	4 KB
25	w.org s.w.org — Cisco Umbrella Rank: 3198	13 KB
24	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019	998 KB
24	simpli.fi 22 redirects i.simpli.fi — Cisco Umbrella Rank: 3825 um.simpli.fi — Cisco Umbrella Rank: 856	10 KB
17	dudasoleh.lol rtx.dudasoleh.lol	133 KB
15	doubleclick.net 12 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 260	3 KB
14	addthis.com 8 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1946 x.dlx.addthis.com — Cisco Umbrella Rank: 1651	7 KB
14	bluekai.com 9 redirects tags.bluekai.com — Cisco Umbrella Rank: 727 stags.bluekai.com — Cisco Umbrella Rank: 940	5 KB
14	onaudience.com 10 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3060	5 KB
14	pasukanantidepo.shop 1 redirects sky.pasukanantidepo.shop	861 KB
13	adsrvr.org 13 redirects match.adsrvr.org — Cisco Umbrella Rank: 357	5 KB
12	yahoo.com 12 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1388 ups.analytics.yahoo.com — Cisco Umbrella Rank: 358	3 KB
12	hoki2d.xyz raja.hoki2d.xyz	122 KB
12	markas-prediktor.info markas-prediktor.info	127 KB
12	laskar2d.xyz king.laskar2d.xyz	122 KB
11	bungaprediction.top bungaprediction.top	36 KB
11	kaptenoleng.com kaptenoleng.com	27 KB
10	eyeota.net 3 redirects ps.eyeota.net — Cisco Umbrella Rank: 1074	5 KB
10	angkapaito.net 5 redirects widget.angkapaito.net wget.angkapaito.net	6 KB
8	id5-sync.com 8 redirects id5-sync.com — Cisco Umbrella Rank: 425	11 KB
8	adnxs.com 8 redirects ib.adnxs.com — Cisco Umbrella Rank: 253 secure.adnxs.com — Cisco Umbrella Rank: 490	8 KB
7	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 544	5 KB
7	mediawallahscript.com 6 redirects partner.mediawallahscript.com — Cisco Umbrella Rank: 3161	5 KB
7	demdex.net 6 redirects dpm.demdex.net — Cisco Umbrella Rank: 239	5 KB
7	turn.com 7 redirects d.turn.com — Cisco Umbrella Rank: 1381	3 KB
6	everesttech.net 6 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 716 rtd-tm.everesttech.net — Cisco Umbrella Rank: 3124	1 KB
6	blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 15285 2.bp.blogspot.com — Cisco Umbrella Rank: 15271	66 KB
5	w55c.net 5 redirects pm.w55c.net — Cisco Umbrella Rank: 875	4 KB
5	imrworldwide.com 4 redirects thrtl.redinuid.imrworldwide.com — Cisco Umbrella Rank: 19562 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 4870 secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2006	2 KB
4	openx.net 3 redirects us-u.openx.net — Cisco Umbrella Rank: 524	745 B
4	stackadapt.com 4 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 730	2 KB
4	exelator.com 3 redirects loadm.exelator.com — Cisco Umbrella Rank: 1780 loadus.exelator.com — Cisco Umbrella Rank: 1531	3 KB
3	clickagy.com 3 redirects aorta.clickagy.com — Cisco Umbrella Rank: 1875	2 KB
3	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2267 pbid.pro-market.net — Cisco Umbrella Rank: 8214	1 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 501	2 KB
3	sitescout.com 3 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 722	2 KB
3	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1811 beacon.krxd.net — Cisco Umbrella Rank: 784	838 B
3	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 326	2 KB
3	bidr.io 3 redirects match.prod.bidr.io — Cisco Umbrella Rank: 555	1 KB
3	33across.com 1 redirects cdn-tc.33across.com — Cisco Umbrella Rank: 28883 lex.33across.com — Cisco Umbrella Rank: 4952	1 KB
3	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1870	616 B
3	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 13409 ic.tynt.com — Cisco Umbrella Rank: 11236 de.tynt.com — Cisco Umbrella Rank: 1526	9 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com	33 KB
2	rezync.com 2 redirects live.rezync.com	2 KB
2	wblog.xyz wblog.xyz	3 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	154 KB
2	rfihub.com 2 redirects p.rfihub.com — Cisco Umbrella Rank: 841	2 KB
2	opesia.vip opesia.vip — Cisco Umbrella Rank: 631355	4 KB
2	scorecardresearch.com 1 redirects ads.scorecardresearch.com — Cisco Umbrella Rank: 3144	737 B
2	aidata.io 1 redirects x01.aidata.io — Cisco Umbrella Rank: 14168	944 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 805	551 B
2	crsspxl.com 1 redirects tag.crsspxl.com — Cisco Umbrella Rank: 5357	702 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583	1 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1369	1 KB
2	mgid.com 1 redirects cm.mgid.com — Cisco Umbrella Rank: 1347	737 B
2	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 3537 wt.rqtrk.eu — Cisco Umbrella Rank: 1452	602 B
2	dtssrv.com a.dtssrv.com — Cisco Umbrella Rank: 22509	724 B
2	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 874 s.tribalfusion.com — Cisco Umbrella Rank: 2405	1008 B
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 423	732 B
2	reson8.com 2 redirects idsync.reson8.com — Cisco Umbrella Rank: 3332	616 B
2	linksynergy.com 2 redirects tags.rd.linksynergy.com — Cisco Umbrella Rank: 4748	707 B
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 3325 mwzeom.zeotap.com — Cisco Umbrella Rank: 3434	877 B
1	bungaprediction.com w1.bungaprediction.com	787 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1259	287 B
1	dtsedge.com dtsedge.com — Cisco Umbrella Rank: 53979	447 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 477	675 B
1	shareaholic.com 1 redirects pixel.shareaholic.com — Cisco Umbrella Rank: 26442	511 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 646	407 B
1	userreport.com audex.userreport.com — Cisco Umbrella Rank: 4929	433 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 906	480 B
1	cintnetworks.com c.cintnetworks.com — Cisco Umbrella Rank: 9630	543 B
1	truoptik.com 1 redirects dmp.truoptik.com — Cisco Umbrella Rank: 2794	548 B
1	alcmpn.com 1 redirects p.alcmpn.com — Cisco Umbrella Rank: 2926	380 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 6188	16 KB
1	gstatic.com fonts.gstatic.com	51 KB
1	momen.tm momen.tm
1	treksantuy.asia 1 redirects treksantuy.asia	423 B
1	treksantuy.tech 1 redirects treksantuy.tech	451 B
0	bidswitch.net Failed x.bidswitch.net Failed
0	btrll.com Failed geo-um.btrll.com Failed
0	spotxchange.com Failed sync.search.spotxchange.com Failed
0	ib-ibi.com Failed global.ib-ibi.com Failed
0	adsymptotic.com Failed p.adsymptotic.com Failed
1361	101

	Domain	Requested by
276	zona-bermain.com	10 redirects markas-prediktor.info zona-bermain.com
140	antoboomerblog.files.wordpress.com	sky.pasukanantidepo.shop king.laskar2d.xyz bolo.treksantuy.xyz rtx.dudasoleh.lol raja.hoki2d.xyz
72	get.s-onetag.com	e.dtscout.com get.s-onetag.com
60	t.sharethis.com	pd.sharethis.com t.sharethis.com bolo.treksantuy.xyz king.laskar2d.xyz sky.pasukanantidepo.shop rtx.dudasoleh.lol markas-prediktor.info raja.hoki2d.xyz zona-bermain.com kaptenoleng.com
57	s10.histats.com	sky.pasukanantidepo.shop s10.histats.com bolo.treksantuy.xyz king.laskar2d.xyz rtx.dudasoleh.lol markas-prediktor.info raja.hoki2d.xyz zona-bermain.com kaptenoleng.com w1.bungaprediction.com
49	i.liadm.com	49 redirects
43	thrtle.com	23 redirects rtx.dudasoleh.lol bolo.treksantuy.xyz sky.pasukanantidepo.shop king.laskar2d.xyz raja.hoki2d.xyz markas-prediktor.info data-beacons.s-onetag.com zona-bermain.com bcp.crwdcntrl.net
36	cdn.jsdelivr.net	markas-prediktor.info zona-bermain.com
35	pippio.com	34 redirects zona-bermain.com
31	pd.sharethis.com	e.dtscout.com sky.pasukanantidepo.shop t.sharethis.com bolo.treksantuy.xyz king.laskar2d.xyz rtx.dudasoleh.lol markas-prediktor.info raja.hoki2d.xyz zona-bermain.com kaptenoleng.com
30	ap.lijit.com	1 redirects sky.pasukanantidepo.shop get.s-onetag.com data-beacons.s-onetag.com
30	idsync.rlcdn.com	4 redirects zona-bermain.com markas-prediktor.info raja.hoki2d.xyz bcp.crwdcntrl.net
29	t.dtscout.com	e.dtscout.com
29	s4.histats.com	s10.histats.com
28	blogger.googleusercontent.com	markas-prediktor.info
28	data-beacons.s-onetag.com	get.s-onetag.com
28	t.dtscdn.com	e.dtscout.com
28	e.dtscout.com	s4.histats.com
27	api.intentiq.com	1 redirects data-beacons.s-onetag.com rtx.dudasoleh.lol
27	track2.securedvisit.com	data-beacons.s-onetag.com
25	px.ads.linkedin.com	1 redirects sky.pasukanantidepo.shop bolo.treksantuy.xyz king.laskar2d.xyz rtx.dudasoleh.lol markas-prediktor.info raja.hoki2d.xyz zona-bermain.com
25	s.w.org	sky.pasukanantidepo.shop king.laskar2d.xyz bolo.treksantuy.xyz rtx.dudasoleh.lol zona-bermain.com
24	rc.rlcdn.com	24 redirects
24	maxcdn.bootstrapcdn.com	markas-prediktor.info maxcdn.bootstrapcdn.com zona-bermain.com
23	ce.lijit.com	sky.pasukanantidepo.shop bolo.treksantuy.xyz king.laskar2d.xyz rtx.dudasoleh.lol markas-prediktor.info raja.hoki2d.xyz zona-bermain.com
22	um.simpli.fi	22 redirects
20	bolo.treksantuy.xyz	sky.pasukanantidepo.shop bolo.treksantuy.xyz king.laskar2d.xyz rtx.dudasoleh.lol raja.hoki2d.xyz
19	sync.crwdcntrl.net	4 redirects bcp.crwdcntrl.net
17	rtx.dudasoleh.lol	bolo.treksantuy.xyz rtx.dudasoleh.lol
17	s4is.histats.com	sky.pasukanantidepo.shop king.laskar2d.xyz bolo.treksantuy.xyz rtx.dudasoleh.lol markas-prediktor.info raja.hoki2d.xyz zona-bermain.com
15	connect-metrics-collector.s-onetag.com	get.s-onetag.com
15	cm.g.doubleclick.net	12 redirects bcp.crwdcntrl.net
14	pixel.onaudience.com	10 redirects rtx.dudasoleh.lol markas-prediktor.info raja.hoki2d.xyz e.dtscout.com
14	sky.pasukanantidepo.shop	1 redirects sky.pasukanantidepo.shop
13	match.adsrvr.org	13 redirects
12	raja.hoki2d.xyz	rtx.dudasoleh.lol raja.hoki2d.xyz
12	markas-prediktor.info	king.laskar2d.xyz markas-prediktor.info
12	king.laskar2d.xyz	sky.pasukanantidepo.shop king.laskar2d.xyz
11	bungaprediction.top	kaptenoleng.com
11	kaptenoleng.com	zona-bermain.com
11	tags.crwdcntrl.net	e.dtscout.com cdn-tc.33across.com tags.crwdcntrl.net
10	ps.eyeota.net	3 redirects king.laskar2d.xyz data-beacons.s-onetag.com sky.pasukanantidepo.shop bcp.crwdcntrl.net
10	tags.bluekai.com	5 redirects sky.pasukanantidepo.shop tags.bkrtx.com bcp.crwdcntrl.net
9	onetag-geo.s-onetag.com	get.s-onetag.com
8	id5-sync.com	8 redirects
8	e.dlx.addthis.com	8 redirects
8	bcp.crwdcntrl.net	2 redirects tags.crwdcntrl.net raja.hoki2d.xyz
7	aa.agkn.com	1 redirects bcp.crwdcntrl.net zona-bermain.com
7	partner.mediawallahscript.com	6 redirects bcp.crwdcntrl.net
7	dpm.demdex.net	6 redirects bcp.crwdcntrl.net
7	d.turn.com	7 redirects
6	ups.analytics.yahoo.com	6 redirects
6	cms.analytics.yahoo.com	6 redirects
6	he.lijit.com	6 redirects
6	x.dlx.addthis.com	sky.pasukanantidepo.shop bolo.treksantuy.xyz king.laskar2d.xyz
6	m2.treksantuy.xyz	6 redirects
5	pm.w55c.net	5 redirects
5	ei.rlcdn.com	5 redirects
5	ib.adnxs.com	5 redirects
5	sync-tm.everesttech.net	5 redirects
5	sync.sharethis.com	1 redirects sky.pasukanantidepo.shop bcp.crwdcntrl.net
5	wget.angkapaito.net	sky.pasukanantidepo.shop bolo.treksantuy.xyz king.laskar2d.xyz rtx.dudasoleh.lol raja.hoki2d.xyz
5	widget.angkapaito.net	5 redirects
5	4.bp.blogspot.com	sky.pasukanantidepo.shop bolo.treksantuy.xyz rtx.dudasoleh.lol raja.hoki2d.xyz opesia.vip
4	us-u.openx.net	3 redirects bcp.crwdcntrl.net
4	sync.srv.stackadapt.com	4 redirects
4	stags.bluekai.com	4 redirects
3	aorta.clickagy.com	3 redirects
3	pixel.tapad.com	3 redirects
3	secure.adnxs.com	3 redirects
3	pixel-sync.sitescout.com	3 redirects
3	nlsn.thrtle.com	raja.hoki2d.xyz zona-bermain.com
3	thrtl.redinuid.imrworldwide.com	3 redirects
3	s.amazon-adsystem.com	1 redirects zona-bermain.com bcp.crwdcntrl.net
3	loadm.exelator.com	3 redirects
3	match.prod.bidr.io	3 redirects
3	ml314.com	1 redirects sky.pasukanantidepo.shop bcp.crwdcntrl.net
2	live.rezync.com	2 redirects
2	wblog.xyz	w1.bungaprediction.com wblog.xyz
2	code.jquery.com	opesia.vip zona-bermain.com
2	p.rfihub.com	2 redirects
2	opesia.vip	zona-bermain.com
2	ads.scorecardresearch.com	1 redirects zona-bermain.com
2	x01.aidata.io	1 redirects bcp.crwdcntrl.net
2	image6.pubmatic.com	2 redirects
2	fei.pro-market.net	2 redirects
2	tag.crsspxl.com	1 redirects bcp.crwdcntrl.net
2	c1.adform.net	2 redirects
2	sync.smartadserver.com	1 redirects bcp.crwdcntrl.net
2	cm.mgid.com	1 redirects bcp.crwdcntrl.net
2	a.dtssrv.com	e.dtscout.com
2	gum.criteo.com	2 redirects
2	idsync.reson8.com	2 redirects
2	beacon.krxd.net	zona-bermain.com bcp.crwdcntrl.net
2	tags.rd.linksynergy.com	2 redirects
2	i.simpli.fi	sky.pasukanantidepo.shop
2	lex.33across.com	1 redirects sky.pasukanantidepo.shop
2	fonts.googleapis.com	bolo.treksantuy.xyz wblog.xyz
1	ajax.googleapis.com	wblog.xyz
1	2.bp.blogspot.com	opesia.vip
1	w1.bungaprediction.com	zona-bermain.com
1	rtb.adentifi.com	zona-bermain.com
1	dtsedge.com	e.dtscout.com
1	secure-gl.imrworldwide.com	zona-bermain.com
1	token.rubiconproject.com	bcp.crwdcntrl.net
1	loadus.exelator.com	bcp.crwdcntrl.net
1	pixel.shareaholic.com	1 redirects
1	trc.taboola.com	bcp.crwdcntrl.net
1	audex.userreport.com	bcp.crwdcntrl.net
1	rtd-tm.everesttech.net	1 redirects
1	pbid.pro-market.net	bcp.crwdcntrl.net
1	wt.rqtrk.eu	bcp.crwdcntrl.net
1	sync.ipredictive.com	1 redirects
1	c.cintnetworks.com	bcp.crwdcntrl.net
1	dmp.truoptik.com	1 redirects
1	i6.liadm.com	bcp.crwdcntrl.net
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	1 redirects
1	ws.rqtrk.eu	1 redirects
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	usermatch.krxd.net	1 redirects
1	p.alcmpn.com	1 redirects
1	tags.bkrtx.com	pd.sharethis.com
1	cdn-tc.33across.com	de.tynt.com
1	mwzeom.zeotap.com	bolo.treksantuy.xyz
1	spl.zeotap.com	1 redirects
1	de.tynt.com	cdn.tynt.com
1	ic.tynt.com	sky.pasukanantidepo.shop
1	fonts.gstatic.com	fonts.googleapis.com
1	momen.tm	bolo.treksantuy.xyz
1	treksantuy.asia	1 redirects
1	cdn.tynt.com	e.dtscout.com
1	treksantuy.tech	1 redirects
0	x.bidswitch.net Failed	zona-bermain.com
0	geo-um.btrll.com Failed	bcp.crwdcntrl.net
0	sync.search.spotxchange.com Failed	bcp.crwdcntrl.net
0	global.ib-ibi.com Failed	bcp.crwdcntrl.net
0	p.adsymptotic.com Failed	markas-prediktor.info
1361	138

This site contains links to these domains. Also see Links.

Domain
hknalo.us.com
bandarnalo.agency
paitowarna.co.com
slotindo.ws
agennalo.city
gacorbgt.com
www.histats.com
188.166.217.213
mbahyit.id
al-84.com
p2.wlatogel88genx.com
p2.changekaisartoto88.com
p2.batuindolottery88.net
p1.leveldunialottery88.net
jabrix22.com
p2.cardindoboss6d.net
p2.babymicrotogel88.net

Subject Issuer	Validity	Valid
pasukanantidepo.shop E1	`2023-12-01` - `2024-02-29`	3 months	crt.sh
*.files.wordpress.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
histats.com R3	`2023-11-23` - `2024-02-21`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
treksantuy.xyz E1	`2023-12-13` - `2024-03-12`	3 months	crt.sh
angkapaito.net GTS CA 1P5	`2024-01-13` - `2024-04-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-11`	a year	crt.sh
laskar2d.xyz GTS CA 1P5	`2024-01-18` - `2024-04-17`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2024-01-18` - `2024-04-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-22` - `2024-06-19`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
dtscdn.com GTS CA 1P5	`2024-01-13` - `2024-04-12`	3 months	crt.sh
dudasoleh.lol GTS CA 1P5	`2024-01-19` - `2024-04-18`	3 months	crt.sh
cert1-prod.aut.a24365.net R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
markas-prediktor.info cPanel, Inc. Certification Authority	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-06` - `2024-12-05`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
securedvisit.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
hoki2d.xyz GTS CA 1P5	`2023-12-11` - `2024-03-10`	3 months	crt.sh
*.intentiq.com Amazon RSA 2048 M02	`2023-04-11` - `2024-05-08`	a year	crt.sh
www.zona-bermain.com.gubukprediction.com R3	`2024-01-07` - `2024-04-06`	3 months	crt.sh
*.onaudience.com Go Daddy Secure Certificate Authority - G2	`2023-03-28` - `2024-04-28`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
kaptenoleng.com cPanel, Inc. Certification Authority	`2023-12-09` - `2024-03-08`	3 months	crt.sh
bungaprediction.top cPanel, Inc. Certification Authority	`2023-11-16` - `2024-02-14`	3 months	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.thrtle.com Go Daddy Secure Certificate Authority - G2	`2023-03-22` - `2024-04-22`	a year	crt.sh
dtssrv.com GTS CA 1P5	`2024-01-23` - `2024-04-22`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2024-01-01` - `2024-12-21`	a year	crt.sh
c.cintnetworks.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-12-26` - `2024-06-26`	6 months	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
*.rqtrk.eu RapidSSL TLS RSA CA G1	`2023-06-01` - `2024-05-31`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
dtsedge.com GTS CA 1P5	`2024-01-23` - `2024-04-22`	3 months	crt.sh
b1.track-2d.com cPanel, Inc. Certification Authority	`2023-12-02` - `2024-03-01`	3 months	crt.sh
opesia.vip GTS CA 1P5	`2023-12-14` - `2024-03-13`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
wblog.xyz R3	`2023-09-18` - `2023-12-17`	3 months	crt.sh

This page contains 123 frames:

Primary Page: https://sky.pasukanantidepo.shop/
Frame ID: E89C0CF0E92EFACF9D7083283926B650
Requests: 82 HTTP requests in this frame

Frame: https://bolo.treksantuy.xyz/
Frame ID: D5AB04D387FEAD2BFA6FE8C27ECF1F81
Requests: 65 HTTP requests in this frame

Frame: https://wget.angkapaito.net/result.php
Frame ID: ACE6D78B43117722954CDED4A6A3F5FC
Requests: 1 HTTP requests in this frame

Frame: https://king.laskar2d.xyz/
Frame ID: 56C58FF1C99CF0ECB44D1CC4CF9B24EA
Requests: 68 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A0170614755864712164A73D22398F
Frame ID: 81B910CBBB55209C621E83224E06FB57
Requests: 1 HTTP requests in this frame

Frame: https://wget.angkapaito.net/result.php
Frame ID: A3AF2B12A2B78952229735D1D61E5ACF
Requests: 1 HTTP requests in this frame

Frame: https://rtx.dudasoleh.lol/
Frame ID: BBD3C562C7AB15466B19CC8A9C8FFB4B
Requests: 90 HTTP requests in this frame

Frame: https://wget.angkapaito.net/result.php
Frame ID: EF8A1764B4105085ECFFD83E540CF01F
Requests: 1 HTTP requests in this frame

Frame: https://markas-prediktor.info/
Frame ID: 2414895154529C9E1351ABE62F18F8BF
Requests: 71 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: 645094F4F62E16920D378625C28F62F6
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: B847CB324647FE6ED8F12210CA8D57B2
Requests: 7 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 20CDC487D01C554C8E70F95768E965E5
Requests: 2 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: 4872D8EE4E1AE148901E294C77E7C974
Requests: 3 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: F8546171E8CC82119AF39C1ABB2A8B59
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: D039C2AF4F3C70433CDDB62F3BCC2B31
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: 28A75332BDE491AF8073EBAF5ECCE6AA
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: 1017E0D38D72D7695C5FDD085064E7F1
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEK21h4OpnpWS6JxFLGtcpgY&google_cver=1
Frame ID: 404F51C9BBE4F65084FA01B7C8225476
Requests: 1 HTTP requests in this frame

Frame: https://wget.angkapaito.net/result.php
Frame ID: 81EC8AD11DA6D68AB2852B571D69602B
Requests: 1 HTTP requests in this frame

Frame: https://raja.hoki2d.xyz/
Frame ID: 760A1EDEA054EEB7D45CBBE23926F783
Requests: 70 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=37296
Frame ID: 4AB25B934192CCBA3112F47351D4776E
Requests: 1 HTTP requests in this frame

Frame: https://zona-bermain.com/
Frame ID: EE5DA516337D284D8E7EC51650E61044
Requests: 59 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=52176
Frame ID: 04BC8C32F46E7DD10ED3F8FD5ADE8FC9
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=70911
Frame ID: 84A9B6D3CCD0DBDF670A144162C34C90
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: 16CF226345B2A6B07CC78375936941B9
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: C0DAC68D36E99F7BDA6601CA13E0DA32
Requests: 2 HTTP requests in this frame

Frame: https://wget.angkapaito.net/result.php
Frame ID: 4D77E34F7190A1995E452B5E50E10048
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: 73D3F7B546E4051E253546DB9638B304
Requests: 2 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: B4126D2846627C38930CA341DD6E5087
Requests: 22 HTTP requests in this frame

Frame: https://zona-bermain.com/pola-dasar/
Frame ID: A16B018FA4E44ECA183726ECBE7A42D4
Requests: 51 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: D5396B501E61816BD39A621CD8A7836F
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 980066BD8320D9F05CBF9A988B9C691B
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: E0FF6163B2B5D8484C53662AE64D0216
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: 0EC760DC015C3C5D6DE170AFD7A6AADC
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=46479
Frame ID: 3F6BF5A0C08241B443C91A42C9DB1EA5
Requests: 1 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: B322A7F50F514DC1FFF0468EAA6BE3C6
Requests: 21 HTTP requests in this frame

Frame: https://zona-bermain.com/prediksi-hongkong/
Frame ID: 46AE28ADFBCA6D3030A5C288BD0A1878
Requests: 50 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: 50B7BBACDEEA9AB104930FB8AD7ACEE5
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: 9CE3A8204264B48C3772FE3FCD600642
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: 8985616BBABF6B8432BE257C8CE823E2
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: ED1A647DE32E7CEB490F9A03B689A270
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=4773
Frame ID: AE14B3DFC10C93A524582758C8B64A47
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: BED95071C2918D61F8C0263EB9BBB2BB
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: FDC32D97F1EFBB11FF707CBE69635041
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 156CEE32C7B2FF8C9F7A3184A29F5464
Requests: 2 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: 5D44F9074F3B43301A4BC39C8AF2DAE7
Requests: 21 HTTP requests in this frame

Frame: https://zona-bermain.com/prediksi-china/
Frame ID: 4D9C278580EE5896904F398F786DB945
Requests: 50 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: 349E56E6B187AD4EBBC88BE4045FC9A0
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: F7D7903048739B84EA985775CBFB1AC4
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=38517
Frame ID: 7F7435FB881FB74FE97FF65412BB5FE8
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=87667
Frame ID: CC5DC5F1BF3B2C5F55E35AF9626AFE6E
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: 4823C6E80D40E0087A3B00117FB7BBA9
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: CE98285A1A8EAE04FDDB415A14DBEA08
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: A8F55A27FCC32997552467FDE277D253
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=67846
Frame ID: E6D791EB7B8920B81F785ADA4D1835F1
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: EBA77C12A76ED3B602F15EF900B54F0A
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=64255
Frame ID: 915506419AC911B77ADD9580B5991625
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=70246
Frame ID: CFA5ED401202BA39E24AE5F6EBA1DF00
Requests: 1 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: 65405B193F04777E66C2D15BCA2EC516
Requests: 21 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: 7D69ABD7912B00148A8213B09676230B
Requests: 2 HTTP requests in this frame

Frame: https://zona-bermain.com/buku-mimpi-2d/
Frame ID: 907591FFBA18036237A6729DF96AA02C
Requests: 50 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 255E592CC987125800BDD6FDB7BB10CF
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 52094F026A125C8A0FFD5CB95197CAE6
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=53449
Frame ID: 8CD7BFD3E28BE42EC3FC3EB98641A9E9
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: 4D404FBF9A1C6BB9D002B2A6FF24A5C9
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: C06F414A5AC149B43D15CADA22977725
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: 8A9DCB07530D9A935777C377FE73FE05
Requests: 2 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: 37AF0C90E57F223CC7AE4DCFEE7263D3
Requests: 17 HTTP requests in this frame

Frame: https://zona-bermain.com/paito-warna-taiwan/
Frame ID: 5BCDF05C98128FA4E943FF5C3E0C93CF
Requests: 49 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 603CE4827E543D33D253B60AFF2BB543
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: C1E45936164254F3CD4254A4E49F9FB3
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: D4D30ACC9929619B48861DC0D0F74F32
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: 124043E4DA96884EC6D854B3D08974C1
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: DBFAF37AEA50F4456C5FB44389BD7211
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=51140
Frame ID: A47222979556267C2FBF8A5B411A7144
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: 5DC1B61EA986C65B03CED292E5080D45
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 8DCB8A332B7C328F00502571A08B98F9
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=65731
Frame ID: 8F8E3A46E7D3A0060B8D7EE2BF27EA99
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=85429
Frame ID: 3BF8524AF870284F93887B4A0A9E00F4
Requests: 1 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: DB4F05DF1BF48E34EA9E4D4D33FD0071
Requests: 17 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: C52EE097EBB4A3B962FC76BDFF75FA71
Requests: 1 HTTP requests in this frame

Frame: https://zona-bermain.com/prediksi-taiwan/
Frame ID: FC0B0574F0ADD2084ADA03226AF6CCDA
Requests: 46 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: A6D2D42467277515F8F8D478374D8FB1
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: A6DEA3036CA7C5AC67B4E0B28CAFEB7F
Requests: 2 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: 66A5E9C48F4A2C30D28BE4B2441D4C4F
Requests: 17 HTTP requests in this frame

Frame: https://zona-bermain.com/generator-line-angka/
Frame ID: A6707A59A8C9B083C713774CDA7D0EF8
Requests: 48 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: B09450EF2F43D175202078BA3B02FDEA
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 73FCFF0BD6FB515D94A3147C070D5580
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=65402
Frame ID: 54E7AE9491792E0521B0AE9C5703A4E3
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=49189
Frame ID: DCAD28B3D474E6C4C9D3FB4319FF6D90
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 4BF7C5E84433C9D49E1E23DEA882B80C
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 447C6A0ADB202A555895EB0659CC847C
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=79408
Frame ID: B98DCF52CEE59F546BCD8010162E14FB
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=1182
Frame ID: 3A96D2761DAD9D2BC546407DAE079E4A
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 24E4DB2031C0A198224AC5A8E8A08FB9
Requests: 24 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: D34D42A9CD1F6F5DBE910DED573E2675
Requests: 24 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: B0D26D70A0F2CD91E581D39B7715EC41
Requests: 16 HTTP requests in this frame

Frame: https://zona-bermain.com/live-singapore/
Frame ID: 92E88EEDF2022FF07970BE3CBD3BF90B
Requests: 43 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: B215F6F6F62008106EF79A55BD5F48ED
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=34952
Frame ID: A91A50D35873FE2D0D21CF585780D72F
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=95242
Frame ID: AB08ADDCA880D91859D92080907A4AD3
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 843289237B705A3A67FEE22A6F199629
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: BD5AB99396EF3A6F888F743C9994D61B
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 0D4FD978B1820C959079D9FC7DA59F49
Requests: 2 HTTP requests in this frame

Frame: https://w1.bungaprediction.com/livesgp.php
Frame ID: 65473D10165D35486C37CBE4AF1791A3
Requests: 12 HTTP requests in this frame

Frame: https://opesia.vip/iframe-live/live4dsgp.php
Frame ID: A3770CFBC267AF7634F096165FD9F917
Requests: 3 HTTP requests in this frame

Frame: https://opesia.vip/iframe-live/livetotosgp.php
Frame ID: 74A93561BD904FAF073B9C8614A01AA7
Requests: 3 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: 1878148EF955504DFD9A859D72F4FA88
Requests: 13 HTTP requests in this frame

Frame: https://zona-bermain.com/buku-mimpi-4d/
Frame ID: CBCF7506CB2F5D0075026EEE84763793
Requests: 41 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 7B5CC555CC14E3F8655D3100AFF8885B
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=39723
Frame ID: 0AA6C27866FC95DDAF1A4BB4CEC9ABC4
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 23277292326B56A16133D85F82327B0D
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=83762
Frame ID: 6CF0C07A39BC0D95A1EAB6D3E9AAC213
Requests: 1 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: 6EE754C53DFD76446ED3DB7029EEC2DD
Requests: 12 HTTP requests in this frame

Frame: https://zona-bermain.com/rekap-kumat/
Frame ID: 889D3DD875E553CDDCD9F52186215BF6
Requests: 40 HTTP requests in this frame

Frame: https://wblog.xyz/live-draw-sgp.php
Frame ID: 4AE85BF7BD6CB3C7E892F3B939B47412
Requests: 4 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=13421
Frame ID: 34C005CB52238095767DB35C7D28096D
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: AFAFF9D283D50FAEFA8D6C27FAFE33BB
Requests: 2 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: D556666A8BBF2681C5F907F2AC45C15D
Requests: 4 HTTP requests in this frame

Frame: https://zona-bermain.com/rekap-angka-4d/
Frame ID: DE480F29D09BFE2B74F3A568197CBAD6
Requests: 15 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=2890
Frame ID: 05100C7596108B75DCDDB193EA556147
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: AB57D8FADDCE008E37D4B61E2D9142B9
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=72424
Frame ID: 4E7500C3FB3D9BAD9D96EB2E9A8F68BC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PASUKAN ANTI DEPO – PREDIKSI ANGKA JITU WLA HARI INI

Page URL History Show full URLs

http://sky.pasukanantidepo.shop/ HTTP 301
https://sky.pasukanantidepo.shop/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

1361
Requests

89 %
HTTPS

30 %
IPv6

101
Domains

138
Subdomains

83
IPs

8
Countries

146801 kB
Transfer

157912 kB
Size

155
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://hknalo.us.com/link.php?member=boomer1358

Search URL Search Domain Scan URL

URL: https://bandarnalo.agency/link.php?member=boomer1358

Search URL Search Domain Scan URL

URL: http://paitowarna.co.com/?ref=Boomer1358

Search URL Search Domain Scan URL

URL: http://slotindo.ws/register?ref=1241021

Search URL Search Domain Scan URL

URL: http://agennalo.city/?ref=BOOMER1358

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/tpking/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/rgclock/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/rgbasic/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/jkbrain/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/pkboss/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/ttbright/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/jpkind/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/idticket/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/gtgold/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/gtpath/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/ahart/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/8080salt/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/8table/

Search URL Search Domain Scan URL

URL: http://www.histats.com/viewstats/?sid=4660281&ccid=3026

Search URL Search Domain Scan URL

URL: http://188.166.217.213/
Title: jackpot4d.blog

Search URL Search Domain Scan URL

URL: https://mbahyit.id/
Title: mbahyit

Search URL Search Domain Scan URL

URL: https://al-84.com/
Title: Al84

Search URL Search Domain Scan URL

URL: https://p2.wlatogel88genx.com/user/register.html?ref=boomer1358

Search URL Search Domain Scan URL

URL: https://p2.changekaisartoto88.com/user/register.html?ref=BOOMER1358

Search URL Search Domain Scan URL

URL: https://p2.batuindolottery88.net/user/register.html?ref=BOOMER1358

Search URL Search Domain Scan URL

URL: https://p1.leveldunialottery88.net/user/register.html?ref=boomer1358

Search URL Search Domain Scan URL

URL: https://jabrix22.com/m/link.php?member=boomer1358

Search URL Search Domain Scan URL

URL: https://p2.cardindoboss6d.net/user/register.html?ref=BOOMER1358

Search URL Search Domain Scan URL

URL: https://p2.babymicrotogel88.net/user/register.html?ref=BOOMER1358

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sky.pasukanantidepo.shop/ HTTP 301
https://sky.pasukanantidepo.shop/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg HTTP 301
https://bolo.treksantuy.xyz/

Request Chain 40

https://treksantuy.tech/ HTTP 301
https://bolo.treksantuy.xyz/

Request Chain 41

https://widget.angkapaito.net/result.php HTTP 301
https://wget.angkapaito.net/result.php

Request Chain 63

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg HTTP 301
https://bolo.treksantuy.xyz/

Request Chain 108

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg HTTP 301
https://bolo.treksantuy.xyz/

Request Chain 128

https://treksantuy.asia/wp-content/themes/frontier/images/honeycomb.png HTTP 301
https://momen.tm/ZdO9uN

Request Chain 129

https://widget.angkapaito.net/result.php HTTP 301
https://wget.angkapaito.net/result.php

Request Chain 136

https://pixel.onaudience.com/?partner=137085098&mapped=51A0170614755864712164A73D22398F HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=5ba18abdb97d84a1

Request Chain 138

https://widget.angkapaito.net/result.php HTTP 301
https://wget.angkapaito.net/result.php

Request Chain 160

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=ad295b94-2022-4a08-8e14-97c9109b6633&gdpr=0&gdpr_consent=

Request Chain 161

https://idsync.rlcdn.com/386076.gif?partner_uid=ZHgABGWxvucAAAAJA0UvAw%3D%3D&gdpr=0&gdpr_consent= HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkhnQUJHV3h2dWNBQUFBSkEwVXZBdz09EAAaDQjo_catBhIFCOgHEABCAEoA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=b6c0dcdf1d0533ed072eb0723888b8febe3e6687d89c9f1c9e9821dc53357da8791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=b6c0dcdf1d0533ed072eb0723888b8febe3e6687d89c9f1c9e9821dc53357da8791426b5417dce21&rand=06973943 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=b6c0dcdf1d0533ed072eb0723888b8febe3e6687d89c9f1c9e9821dc53357da8791426b5417dce21&rand=06973943&expected_cookie=ab812ea1-ab34-46d4-9b67-09ee79a11587

Request Chain 162

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2Nys14zS3tUJpguYKxogyfIaLZPVVipH3Ciz2mV4Swmg&gdpr=0&gdpr_consent=

Request Chain 163

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHgABGWxvucAAAAJA0UvAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3641590338835972151 HTTP 307
https://ml314.com/csync.ashx?fp=3b044b67ed0cdd5b032a33d62bf90f0fb994a9f252e71de705fa919b3ba1c175f4cb09cee1a4f8eb&person_id=3641590338835972151&eid=50082

Request Chain 164

https://tags.bluekai.com/site/59574?id=ZHgABGWxvucAAAAJA0UvAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 170

https://pixel.onaudience.com/?partner=137085098&mapped=51A0170614755864712164A73D22398F HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=ad295b94-2022-4a08-8e14-97c9109b6633&icm&gdpr=0&gdpr_consent=&cver HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=9a20bd7ec2f0dedd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=70ef5265-9d4b-4115-4e37-0f205f19a105&reqId=1ac4910b-2999-4521-7f0f-4a82813c8c1d&zcluid=9a20bd7ec2f0dedd&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEPmM7KsKEtb3uffBKgRgDrc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=70ef5265-9d4b-4115-4e37-0f205f19a105&reqId=1ac4910b-2999-4521-7f0f-4a82813c8c1d&zcluid=9a20bd7ec2f0dedd&zdid=1332

Request Chain 172

https://lex.33across.com/ps/v1/pubtoken/?pid=128&us_privacy=&rnd=1706147560450.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d556%26pcat%3DBrand%2BSafety%252FMilitary%26pdev%3D%26pctry%3DUS%26referrer%3Dhttps%253A%252F%252Fsky.pasukanantidepo.shop%252F%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cache_buster%3D%24%7BRANDOM%7D%26custom1%3D%24%7BPUBTOK%7D HTTP 302
https://lex.33across.com/ps/v1/pubtoken/?pid=128&us_privacy=&rnd=1706147560450.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d556%26pcat%3DBrand%2BSafety%252FMilitary%26pdev%3D%26pctry%3DUS%26referrer%3Dhttps%253A%252F%252Fsky.pasukanantidepo.shop%252F%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cache_buster%3D%24%7BRANDOM%7D%26custom1%3D%24%7BPUBTOK%7D&b=1

Request Chain 178

https://pixel.onaudience.com/?partner=137085098&mapped=51A0170614755864712164A73D22398F HTTP 302
https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=a139b9eeb307c3a4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mk4xUkhJXzNkTXdZdExXX2lqc08yUzRpckF1SVdXRmpwczVTUUtPUjdJNzQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mk4xUkhJXzNkTXdZdExXX2lqc08yUzRpckF1SVdXRmpwczVTUUtPUjdJNzQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEMVtBeUTTzbMUOkT89_bp00&google_cver=1

Request Chain 191

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 200

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHgABGWxvucAAAAJA0UvAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1275.23381%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1275.23381%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=41235403 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=MCtUcW5Dd005OU9CK3Fhaw%3D%3D HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEK21h4OpnpWS6JxFLGtcpgY&google_cver=1

Request Chain 208

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg HTTP 301
https://bolo.treksantuy.xyz/

Request Chain 311

https://widget.angkapaito.net/result.php HTTP 301
https://wget.angkapaito.net/result.php

Request Chain 325

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=75174 HTTP 303
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=75174&_li_chk=true&previous_uuid=9031f43295f143718f6c243625f67bcf HTTP 303
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=cbdcc14ccc7e4eab2efafef4f54d3155 HTTP 302
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=cbdcc14ccc7e4eab2efafef4f54d3155&rd=Y HTTP 302
https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2024012501524400042580839287&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID HTTP 302
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=WB9qnL7%2B99YUrfak

Request Chain 341

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg HTTP 301
https://bolo.treksantuy.xyz/

Request Chain 383

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=37261 HTTP 303
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=cbdcc14ccc7e4eab2efafef4f54d3155 HTTP 302
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=cbdcc14ccc7e4eab2efafef4f54d3155&rd=Y HTTP 302
https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2024012501524400061385747456&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID HTTP 302
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=WB9qnL7%2B99YUrfak

Request Chain 384

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=11580 HTTP 303
https://he.lijit.com/merge?pid=8105&event_type=email&lc_md5=cbdcc14ccc7e4eab2efafef4f54d3155&lc_sha1=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&lc_sha256=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687abd47ae7&rnd=11580 HTTP 302
https://p.alcmpn.com/em/173/110/2360.gif?gid=cbdcc14ccc7e4eab2efafef4f54d3155 HTTP 302
https://e.dlx.addthis.com/e/a-1564/s-5719?ret=img&na_em=cbdcc14ccc7e4eab2efafef4f54d3155 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm&google_hm=MjAyNDAxMjUwMTUyNDQwMDA2MTM4NTc0NzQ1Ng%3D%3D HTTP 302
https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESECMdXbqc1_7IklooOuXOEvo&google_cver=1

Request Chain 391

https://um.simpli.fi/lj_match?r=3487 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 428

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=81761 HTTP 303
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=cbdcc14ccc7e4eab2efafef4f54d3155 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm&google_hm=MjAyNDAxMjUwMTUyNDQwMDA2MTM4NTc0NzQ1Ng%3D%3D HTTP 302
https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESECMdXbqc1_7IklooOuXOEvo&google_cver=1

Request Chain 430

https://um.simpli.fi/lj_match?r=37321 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 431

https://um.simpli.fi/lj_match?r=13272 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 433

https://widget.angkapaito.net/result.php HTTP 301
https://wget.angkapaito.net/result.php

Request Chain 434

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg HTTP 301
https://bolo.treksantuy.xyz/

Request Chain 455

https://zona-bermain.com/pola-dasar HTTP 301
https://zona-bermain.com/pola-dasar/

Request Chain 457

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=44126 HTTP 303
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=b6ed657b7558e2ab9f72bb77bb3d8d44 HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NDg4NjUvdC8y/dpuid/2024012501524400061385747456/url/https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fturn_sync.xgi%3Fna_exid%3D%24!%7BTURN_UUID%7D HTTP 302
https://x.dlx.addthis.com/e/turn_sync.xgi?na_exid=8807815104210564113

Request Chain 459

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=73304 HTTP 303
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=b6ed657b7558e2ab9f72bb77bb3d8d44 HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NDg4NjUvdC8y/dpuid/2024012501524400061385747456/url/https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fturn_sync.xgi%3Fna_exid%3D%24!%7BTURN_UUID%7D HTTP 302
https://x.dlx.addthis.com/e/turn_sync.xgi?na_exid=2466746828872905745

Request Chain 475

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=IDEQiSZHoL1tX3WzRa2vaD_p/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=cf48f38f57b5afc8f1fef27f7cc9f596

Request Chain 521

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=85778 HTTP 303
https://he.lijit.com/merge?pid=8100&event_type=email&lc_md5=cbdcc14ccc7e4eab2efafef4f54d3155&lc_sha1=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&lc_sha256=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687abd47ae7&rnd=85778 HTTP 302
https://thrtle.com/2002?sha256=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687abd47ae7&md5=cbdcc14ccc7e4eab2efafef4f54d3155&sha1=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68 HTTP 302
https://thrtle.com/12?mc=6e41526d-de95-49a1-ac30-86e5faeef8ef&md5=cbdcc14ccc7e4eab2efafef4f54d3155&org_pid=2002&sha1=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&sha256=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687abd47ae7&vxii_rmax=5 HTTP 302
https://thrtle.com/sync?vxii_pid=12&dt=1706147568&vxii_rmax=5

Request Chain 523

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p HTTP 302
https://thrtle.com/sync?_reach=1&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p&vxii_pid=12&vxii_pid1=7002&vxii_rcid=03f3630b-90a5-4afc-962f-0e2006ab38df&vxii_rmax=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/throtle HTTP 303
https://match.prod.bidr.io/cookie-sync/throtle?_bee_ppp=1 HTTP 303
https://thrtle.com/sync?vxii_pdid=AACipU7LY34AABLeucDDpQ&vxii_pid=5037&_t=1706147569.3243139 HTTP 302
https://loadm.exelator.com/load/?p=204&g=1133&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=1133&j=0&xl8blockcheck=1 HTTP 302
https://thrtle.com/sync?vxii_pid=5007&vxii_pdid=bf59567db7ef986f726c91f902181978

Request Chain 533

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=ad295b94-2022-4a08-8e14-97c9109b6633&bid=1e2n4ou

Request Chain 534

https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot HTTP 302
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-eKKPNJFE2pVTwQQgdMw8w6qgwNCdKmCOPxM-~A

Request Chain 535

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u&_test=ZbG_8AARAHb41ABH HTTP 302
https://ps.eyeota.net/match?uid=ZbG_8AARAHb41ABH&bid=0rijhbu&referrer_pid=51md42u&_test=ZbG_8AARAHb41ABH

Request Chain 536

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526referrer_pid%253D51md42u HTTP 302
https://ps.eyeota.net/match?uid=6295036647698144493&bid=2cr76e1&referrer_pid=51md42u

Request Chain 537

https://tags.bluekai.com/site/39798?limit=1&id=2yJsSDkzPdQYyrd2r0BJlgOkvQ7dBarNh0ZydTtjxWPE HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
https://tags.bluekai.com/site/5386?id=ad295b94-2022-4a08-8e14-97c9109b6633&gdpr=0&gdpr_consent=

Request Chain 538

https://zona-bermain.com/prediksi-hongkong HTTP 301
https://zona-bermain.com/prediksi-hongkong/

Request Chain 547

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=brgeu23&ttd_tpi=1&TTD_PUID=6e41526d-de95-49a1-ac30-86e5faeef8ef HTTP 302
https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=ad295b94-2022-4a08-8e14-97c9109b6633

Request Chain 548

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=brgeu23&ttd_tpi=1&TTD_PUID=6e41526d-de95-49a1-ac30-86e5faeef8ef HTTP 302
https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=ad295b94-2022-4a08-8e14-97c9109b6633

Request Chain 568

https://um.simpli.fi/lj_match?r=89471 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 569

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=86126 HTTP 303
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=d0ebd870e62417c041b1cfaabc5fab5b HTTP 302
https://i.liadm.com/s/29307?bidder_id=79701&bidder_uuid=2024012501524400061385747456&cb=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fli_sync.xgi%3Fna_exid%3D%7BLIDIDOREMPTY%7D HTTP 303
https://pippio.com/api/sync?pid=710914&_=5&it=4&iv=cbdcc14ccc7e4eab2efafef4f54d3155&it=4&iv=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&it=4&iv=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687abd47ae7 HTTP 307
https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=06725200

Request Chain 607

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=91029 HTTP 303
https://he.lijit.com/merge?pid=8100&event_type=email&lc_md5=b6ed657b7558e2ab9f72bb77bb3d8d44&lc_sha1=812703517bb6d912793822680b5e31867ce79140&lc_sha256=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af1f6ac5e4&rnd=91029 HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=2&mi=10&dpi=174445236&pt=1&dpn=2247&dpt=b6ed657b7558e2ab9f72bb77bb3d8d44&pt=1&dpn=2248&dpt=812703517bb6d912793822680b5e31867ce79140&pt=1&dpn=2270&dpt=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af1f6ac5e4&pcid=IDEQiSZHoL1tX3WzRa2vaD_p HTTP 302
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=2&mi=10&dpi=174445236&pt=1&dpn=2247&dpt=b6ed657b7558e2ab9f72bb77bb3d8d44&pt=1&dpn=2248&dpt=812703517bb6d912793822680b5e31867ce79140&pt=1&dpn=2270&dpt=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af1f6ac5e4&pcid=IDEQiSZHoL1tX3WzRa2vaD_p&ckls=true&ci=9amzqQ78cl&nc=false&trid=6f344821-23dc-4cac-95b3-36d7e0b4cd03

Request Chain 620

https://zona-bermain.com/prediksi-china HTTP 301
https://zona-bermain.com/prediksi-china/

Request Chain 636

https://um.simpli.fi/lj_match?r=45921 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 648

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p HTTP 302
https://sync.srv.stackadapt.com/sync?nid=throtle HTTP 302
https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=JOUctIEMUTFD5JmaJfO95s5CYFI&_t=1706147571

Request Chain 656

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=63109 HTTP 303
https://he.lijit.com/merge?pid=8100&event_type=email&lc_md5=d0ebd870e62417c041b1cfaabc5fab5b&lc_sha1=58964d2aebc4d92593ca3b3153c99cd867f2acf2&lc_sha256=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac13c945b7&rnd=63109 HTTP 302
https://thrtle.com/2002?sha256=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac13c945b7&md5=d0ebd870e62417c041b1cfaabc5fab5b&sha1=58964d2aebc4d92593ca3b3153c99cd867f2acf2 HTTP 302
https://thrtle.com/sync?vxii_pid=12&dt=1706147571&vxii_rmax=5 HTTP 302
https://i.liadm.com/s/56290?bidder_id=199768&bidder_uuid=6e41526d-de95-49a1-ac30-86e5faeef8ef HTTP 303
https://thrtle.com/sync?vxii_pid=5028&vxii_pdid=9031f432-95f1-4371-8f6c-243625f67bcf&_t=1706147571

Request Chain 657

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=41202 HTTP 303
https://he.lijit.com/merge?pid=8100&event_type=email&lc_md5=d0ebd870e62417c041b1cfaabc5fab5b&lc_sha1=58964d2aebc4d92593ca3b3153c99cd867f2acf2&lc_sha256=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac13c945b7&rnd=41202 HTTP 302
https://pippio.com/api/sync?pid=710524&_=1&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac13c945b7 HTTP 307
https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=15998&cparams=placement%3D710524 HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=b6c0dcdf1d0533ed072eb0723888b8febe3e6687d89c9f1c9e9821dc53357da8791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiNmMwZGNkZjFkMDUzM2VkMDcyZWIwNzIzODg4YjhmZWJlM2U2Njg3ZDg5YzlmMWM5ZTk4MjFkYzUzMzU3ZGE4NzkxNDI2YjU0MTdkY2UyMRAAGgwI8_3GrQYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiNmMwZGNkZjFkMDUzM2VkMDcyZWIwNzIzODg4YjhmZWJlM2U2Njg3ZDg5YzlmMWM5ZTk4MjFkYzUzMzU3ZGE4NzkxNDI2YjU0MTdkY2UyMRAAGgwI8_3GrQYSBAgCEABCAEoA&google_gid=CAESEG1NR89KQyJzgQdkJzw7GYU&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=8736a3e1-effa-42c2-8408-7989dd24be41

Request Chain 658

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=33059 HTTP 303
https://he.lijit.com/merge?pid=8100&event_type=email&lc_md5=d0ebd870e62417c041b1cfaabc5fab5b&lc_sha1=58964d2aebc4d92593ca3b3153c99cd867f2acf2&lc_sha256=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac13c945b7&rnd=33059 HTTP 302
https://pippio.com/api/sync?pid=710524&_=1&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac13c945b7 HTTP 307
https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=15998&cparams=placement%3D710524 HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=b6c0dcdf1d0533ed072eb0723888b8febe3e6687d89c9f1c9e9821dc53357da8791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiNmMwZGNkZjFkMDUzM2VkMDcyZWIwNzIzODg4YjhmZWJlM2U2Njg3ZDg5YzlmMWM5ZTk4MjFkYzUzMzU3ZGE4NzkxNDI2YjU0MTdkY2UyMRAAGgwI8_3GrQYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiNmMwZGNkZjFkMDUzM2VkMDcyZWIwNzIzODg4YjhmZWJlM2U2Njg3ZDg5YzlmMWM5ZTk4MjFkYzUzMzU3ZGE4NzkxNDI2YjU0MTdkY2UyMRAAGgwI8_3GrQYSBAgCEABCAEoA&google_gid=CAESEG1NR89KQyJzgQdkJzw7GYU&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=d7482f65-1f29-4248-9d7a-29d69fa10a35

Request Chain 699

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=37701 HTTP 303
https://pippio.com/api/sync?pid=710914&_=1&it=4&iv=cbdcc14ccc7e4eab2efafef4f54d3155&it=4&iv=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&it=4&iv=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687abd47ae7 HTTP 307
https://rc.rlcdn.com/456809.gif?n=1&cparams=placement%3D710914 HTTP 307
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=8db23ec4-528b-4fbc-9fcc-93b4b4c644a3

Request Chain 712

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=THROTLE HTTP 302
https://ups.analytics.yahoo.com/ups/58691/cms?partner_id=THROTLE HTTP 302
https://thrtle.com/sync?vxii_pid=5038&vxii_pdid=y-t.TUXnFE2oToE0_JpmPU5ZDei1Gx3YMUissqZQ--~A

Request Chain 716

https://um.simpli.fi/lj_match?r=75210 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 717

https://um.simpli.fi/lj_match?r=35037 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 723

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=71530 HTTP 303
https://pippio.com/api/sync?pid=710914&_=5&it=4&iv=b6ed657b7558e2ab9f72bb77bb3d8d44&it=4&iv=812703517bb6d912793822680b5e31867ce79140&it=4&iv=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af1f6ac5e4 HTTP 307
https://rc.rlcdn.com/456809.gif?n=1&cparams=placement%3D710914 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPFX6Xuvua10C1bYHJLkqu4&google_cver=1

Request Chain 724

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=18496 HTTP 303
https://pippio.com/api/sync?pid=710914&_=2&it=4&iv=cbdcc14ccc7e4eab2efafef4f54d3155&it=4&iv=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&it=4&iv=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687abd47ae7 HTTP 307
https://rc.rlcdn.com/456809.gif?n=2&cparams=placement%3D710914 HTTP 307
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
https://idsync.rlcdn.com/362588.gif?partner_uid=ad295b94-2022-4a08-8e14-97c9109b6633

Request Chain 756

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=48249 HTTP 303
https://pippio.com/api/sync?pid=710914&_=6&it=4&iv=cbdcc14ccc7e4eab2efafef4f54d3155&it=4&iv=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&it=4&iv=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687abd47ae7 HTTP 307
https://rc.rlcdn.com/456809.gif?n=1&cparams=placement%3D710914 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPFX6Xuvua10C1bYHJLkqu4&google_cver=1

Request Chain 758

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=88178 HTTP 303
https://pippio.com/api/sync?pid=710914&_=6&it=4&iv=cbdcc14ccc7e4eab2efafef4f54d3155&it=4&iv=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&it=4&iv=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687abd47ae7 HTTP 307
https://rc.rlcdn.com/456809.gif?n=3&cparams=placement%3D710914 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPFX6Xuvua10C1bYHJLkqu4&google_cver=1

Request Chain 760

https://um.simpli.fi/lj_match?r=24432 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 774

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=6170 HTTP 303
https://pippio.com/api/sync?pid=710914&_=2&it=4&iv=b6ed657b7558e2ab9f72bb77bb3d8d44&it=4&iv=812703517bb6d912793822680b5e31867ce79140&it=4&iv=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af1f6ac5e4 HTTP 307
https://rc.rlcdn.com/456809.gif?n=4&cparams=placement%3D710914 HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6295036647698144493

Request Chain 779

https://um.simpli.fi/lj_match?r=38780 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 780

https://um.simpli.fi/lj_match?r=38175 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 782

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=81095 HTTP 303
https://pippio.com/api/sync?pid=710914&_=2&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac13c945b7 HTTP 307
https://rc.rlcdn.com/456809.gif?n=5&cparams=placement%3D710914 HTTP 307
https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=5bf06ede0669c99c4624e0e1603300dd3b86d7037f58a2aa756654200a7440e1c0cb235b3774c97e&cb=09607010 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=5bf06ede0669c99c4624e0e1603300dd3b86d7037f58a2aa756654200a7440e1c0cb235b3774c97e&cb=09607010&dcc=t

Request Chain 791

https://zona-bermain.com/paito-warna-taiwan HTTP 301
https://zona-bermain.com/paito-warna-taiwan/

Request Chain 793

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=77358 HTTP 303
https://pippio.com/api/sync?pid=710914&_=5&it=4&iv=b6ed657b7558e2ab9f72bb77bb3d8d44&it=4&iv=812703517bb6d912793822680b5e31867ce79140&it=4&iv=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af1f6ac5e4 HTTP 307
https://rc.rlcdn.com/456809.gif?n=6&cparams=placement%3D710914 HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=07aacaf693c37dbe55bca1f5acb328cea0304d6b63aaceb34d8084b81df7e6ddb0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=477&dpuuid=07aacaf693c37dbe55bca1f5acb328cea0304d6b63aaceb34d8084b81df7e6ddb0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BDD_UUID%7D HTTP 302
https://idsync.rlcdn.com/362248.gif?partner_uid=35827208354728692942570658140409409333

Request Chain 795

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=2462 HTTP 303
https://pippio.com/api/sync?pid=710914&_=5&it=4&iv=b6ed657b7558e2ab9f72bb77bb3d8d44&it=4&iv=812703517bb6d912793822680b5e31867ce79140&it=4&iv=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af1f6ac5e4 HTTP 307
https://rc.rlcdn.com/456809.gif?n=7&cparams=placement%3D710914 HTTP 307
https://usermatch.krxd.net/um/v2?partner=liveramp HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp

Request Chain 814

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p HTTP 302
https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01CH0ZM0TGKTWGX4FTB1AQA71H&userid=6e41526d-de95-49a1-ac30-86e5faeef8ef HTTP 302
https://thrtle.com/sync?vxii_pid=5017&vxii_pdid=A196988373E0DF79D80FEEE23DFA7704 HTTP 302
https://sync.crwdcntrl.net/map/c=10835/tp=ALCT/tpid=/gdpr=0/gdpr_consent=?https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5003%26vxii_pdid%3D%24%7Bprofile_id%7D%26vxii_ts%3D16%26_t%3D1706147575 HTTP 302
https://thrtle.com/sync?vxii_pid=5003&vxii_pdid=cf48f38f57b5afc8f1fef27f7cc9f596&vxii_ts=16&_t=1706147575 HTTP 302
https://thrtl.redinuid.imrworldwide.com/thrtl?url=https%3A%2F%2Fnlsn.thrtle.com%2Fsync%3Fvxii_pid%3D5036%26vxii_ts%3D18 HTTP 302
https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&puid=7614b770-bb24-11ee-b489-7530d5baf48f

Request Chain 824

https://um.simpli.fi/lj_match?r=99447 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 861

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p HTTP 302
https://thrtl.redinuid.imrworldwide.com/thrtl?url=https%3A%2F%2Fnlsn.thrtle.com%2Fsync%3Fvxii_pid%3D5036%26vxii_ts%3D18%26_reach%3D1 HTTP 302
https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=7614b770-bb24-11ee-ab35-159b86e69bdf

Request Chain 863

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=82383 HTTP 303
https://pippio.com/api/sync?pid=710914&_=6&it=4&iv=b6ed657b7558e2ab9f72bb77bb3d8d44&it=4&iv=812703517bb6d912793822680b5e31867ce79140&it=4&iv=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af1f6ac5e4 HTTP 307
https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=16342&cparams=placement%3D710914 HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=07aacaf693c37dbe55bca1f5acb328cea0304d6b63aaceb34d8084b81df7e6ddb0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BDD_UUID%7D HTTP 302
https://idsync.rlcdn.com/362248.gif?partner_uid=35827208354728692942570658140409409333

Request Chain 865

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p HTTP 302
https://thrtl.redinuid.imrworldwide.com/thrtl?url=https%3A%2F%2Fnlsn.thrtle.com%2Fsync%3Fvxii_pid%3D5036%26vxii_ts%3D18%26_reach%3D1 HTTP 302
https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=7614b770-bb24-11ee-80d1-a9eb5072f869

Request Chain 870

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=75158 HTTP 303
https://pippio.com/api/sync?pid=710914&_=6&it=4&iv=b6ed657b7558e2ab9f72bb77bb3d8d44&it=4&iv=812703517bb6d912793822680b5e31867ce79140&it=4&iv=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af1f6ac5e4 HTTP 307
https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=16342&cparams=placement%3D710914 HTTP 307
https://cms.analytics.yahoo.com/cms?partner_id=LVRMP HTTP 302
https://ups.analytics.yahoo.com/ups/58768/cms?partner_id=LVRMP HTTP 302
https://idsync.rlcdn.com/380008.gif?partner_uid=y-8gsMkplE2pyrAXQgxq3L5E.FOoW7Sqdv10Q-~A

Request Chain 889

https://zona-bermain.com/prediksi-taiwan HTTP 301
https://zona-bermain.com/prediksi-taiwan/

Request Chain 895

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=97430 HTTP 303
https://pippio.com/api/sync?pid=710914&_=6&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac13c945b7 HTTP 307
https://rc.rlcdn.com/456809.gif?n=1&cparams=placement%3D710914 HTTP 307
https://tags.bluekai.com/site/2035?phint=rluid=7ee4e2ff072c66e05a5e3418cd107ae9bcd547f52d62cd5f6c0db4701aff62572971936f2f944561&redir=https%3A%2F%2Fidsync.rlcdn.com%2F401696.gif%3Fpartner_uid%3D%24BK_UUID_25515 HTTP 302
https://idsync.rlcdn.com/401696.gif?partner_uid=hnRqnCtn99Oelqak

Request Chain 896

https://um.simpli.fi/lj_match?r=88674 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 897

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=73244 HTTP 303
https://pippio.com/api/sync?pid=710914&_=5&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac13c945b7 HTTP 307
https://rc.rlcdn.com/456809.gif?n=1&cparams=placement%3D710914 HTTP 307
https://tags.bluekai.com/site/2035?phint=rluid=7ee4e2ff072c66e05a5e3418cd107ae9bcd547f52d62cd5f6c0db4701aff62572971936f2f944561&redir=https%3A%2F%2Fidsync.rlcdn.com%2F401696.gif%3Fpartner_uid%3D%24BK_UUID_25515 HTTP 302
https://idsync.rlcdn.com/401696.gif?partner_uid=hnRqnCtn99Oelqak

Request Chain 899

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p HTTP 302
https://pixel-sync.sitescout.com/connectors/throtle/usersync?redir=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5026%26vxii_pdid%3D%7BuserId%7D%26vxii_ts%3D20%26_t%3D1706147578%26_reach%3D1 HTTP 302
https://pixel-sync.sitescout.com/connectors/throtle/usersync?cookieQ=1&redir=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5026%26vxii_pdid%3D%7BuserId%7D%26vxii_ts%3D20%26_t%3D1706147578%26_reach%3D1 HTTP 302
https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=e964c162-cc10-4623-9b2f-b3b2ace9505c-65b1befb-5553&vxii_ts=20&_t=1706147578&_reach=1

Request Chain 901

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=51022 HTTP 303
https://pippio.com/api/sync?pid=710914&_=6&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac13c945b7 HTTP 307
https://rc.rlcdn.com/456809.gif?n=2&cparams=placement%3D710914 HTTP 307
https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=t4U2bDXhcPFO2nXOut0S1hK6NvRjh-po

Request Chain 939

https://um.simpli.fi/lj_match?r=26790 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 940

https://um.simpli.fi/lj_match?r=41707 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 952

https://zona-bermain.com/generator-line-angka HTTP 301
https://zona-bermain.com/generator-line-angka/

Request Chain 956

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=80556 HTTP 303
https://pippio.com/api/sync?pid=710914&_=4&it=4&iv=cbdcc14ccc7e4eab2efafef4f54d3155&it=4&iv=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&it=4&iv=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687abd47ae7 HTTP 307
https://rc.rlcdn.com/456809.gif?n=3&cparams=placement%3D710914 HTTP 307
https://sync.srv.stackadapt.com/sync?nid=liveramp HTTP 302
https://idsync.rlcdn.com/403896.gif?partner_uid=0-24e51cb4-810c-5131-43e4-999a25f3bde6$ip$206.66.96.82&gdpr=&gdpr_consent=

Request Chain 958

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=30635 HTTP 303
https://pippio.com/api/sync?pid=710914&_=4&it=4&iv=cbdcc14ccc7e4eab2efafef4f54d3155&it=4&iv=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&it=4&iv=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687abd47ae7 HTTP 307
https://rc.rlcdn.com/456809.gif?n=3&cparams=placement%3D710914 HTTP 307
https://sync.srv.stackadapt.com/sync?nid=liveramp HTTP 302
https://idsync.rlcdn.com/403896.gif?partner_uid=0-24e51cb4-810c-5131-43e4-999a25f3bde6$ip$206.66.96.82&gdpr=&gdpr_consent=

Request Chain 963

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p HTTP 302
https://a.tribalfusion.com/i.match?p=b31&redirect=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5042%26vxii_pdid%3D%24TF_USER_ID_ENC%24%26vxii_ts%3D22%26_t%3D1706147580%26_reach%3D1&u=6e41526d-de95-49a1-ac30-86e5faeef8ef HTTP 302
https://s.tribalfusion.com/z/i.match?p=b31&redirect=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5042%26vxii_pdid%3D%24TF_USER_ID_ENC%24%26vxii_ts%3D22%26_t%3D1706147580%26_reach%3D1&u=6e41526d-de95-49a1-ac30-86e5faeef8ef HTTP 302
https://thrtle.com/sync?vxii_pid=5042&vxii_pdid=18072662068155564785&vxii_ts=22&_t=1706147580&_reach=1

Request Chain 986

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=52952 HTTP 303
https://pippio.com/api/sync?pid=710914&_=4&it=4&iv=b6ed657b7558e2ab9f72bb77bb3d8d44&it=4&iv=812703517bb6d912793822680b5e31867ce79140&it=4&iv=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af1f6ac5e4 HTTP 307
https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=16342&cparams=placement%3D710914 HTTP 307
https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01EC61A11KAM4QCFG5RN38VQJZ HTTP 302
https://idsync.rlcdn.com/364708.gif?lr=true&partner_uid=A196988373E0DF79D80FEEE23DFA7704

Request Chain 987

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p HTTP 302
https://pm.w55c.net/ping_match.gif?rurl=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5011%26vxii_pdid%3D_wfivefivec_%26vxii_ts%3D24%26_t%3D1706147581%26_reach%3D1&st=THROTLE HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&rurl=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5011%26vxii_pdid%3D_wfivefivec_%26vxii_ts%3D24%26_t%3D1706147581%26_reach%3D1&st=THROTLE HTTP 302
https://thrtle.com/sync?vxii_pid=5011&vxii_pdid=TN3E0Vtl1RsOVn5&vxii_ts=24&_t=1706147581&_reach=1&st=THROTLE

Request Chain 990

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p HTTP 302
https://pm.w55c.net/ping_match.gif?rurl=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5011%26vxii_pdid%3D_wfivefivec_%26vxii_ts%3D24%26_t%3D1706147581%26_reach%3D1&st=THROTLE HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&rurl=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5011%26vxii_pdid%3D_wfivefivec_%26vxii_ts%3D24%26_t%3D1706147581%26_reach%3D1&st=THROTLE HTTP 302
https://thrtle.com/sync?vxii_pid=5011&vxii_pdid=TN3E0Vtl1RsOVn5&vxii_ts=24&_t=1706147581&_reach=1&st=THROTLE

Request Chain 1032

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=44964 HTTP 303
https://pippio.com/api/sync?pid=710914&_=4&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac13c945b7 HTTP 307
https://rc.rlcdn.com/456809.gif?n=4&cparams=placement%3D710914 HTTP 307
https://sync-tm.everesttech.net/upi/pid/w8wqx7f2?redir=https%3A%2F%2Fidsync.rlcdn.com%2F367148.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24%7BTM_USER_ID%7D HTTP 302
https://idsync.rlcdn.com/367148.gif?served_by=evergreen&partner_uid=ZbG_8AARAHb41ABH

Request Chain 1041

https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=cf48f38f57b5afc8f1fef27f7cc9f596&custom=&tag_format=img&tag_action=sync HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=cf48f38f57b5afc8f1fef27f7cc9f596&custom=&tag_format=img&tag_action=sync&final=true&reqid=79377b40-bb24-11ee-a13a-6f03d2ab83be&timestamp=2024-01-25T01%3A53%3A02.196Z HTTP 302
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=6295036647698144493&tag_format=img&tag_action=sync HTTP 302
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=7959d050-bb24-11ee-9f21-a97edee91416?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=cf48f38f57b5afc8f1fef27f7cc9f596&tag_format=img&tag_action=sync&cb=727109267 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=ad295b94-2022-4a08-8e14-97c9109b6633&tag_format=img&tag_action=sync&cb= HTTP 302
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=7959d050-bb24-11ee-9f21-a97edee91416&cb=1706147582871&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2130%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1706147582871 HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=e588d447-fe46-4097-b02b-cd210b2d0321&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1706147582871 HTTP 302
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync HTTP 302
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=79d12330-bb24-11ee-b489-7530d5baf48f

Request Chain 1042

https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=cf48f38f57b5afc8f1fef27f7cc9f596 HTTP 307
https://cm.mgid.com/m?c=cf48f38f57b5afc8f1fef27f7cc9f596&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

Request Chain 1044

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0 HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1

Request Chain 1045

https://c1.adform.net/serving/cookie/match?party=1040 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1040 HTTP 302
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6454740188857927412/gdpr=/gdpr_consent=

Request Chain 1046

https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=cf48f38f57b5afc8f1fef27f7cc9f596 HTTP 303
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=cf48f38f57b5afc8f1fef27f7cc9f596

Request Chain 1047

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=ad295b94-2022-4a08-8e14-97c9109b6633/gdpr=0/gdpr_consent=

Request Chain 1048

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b5cbacce-642a-4359-9f77-3f20d5a1fa2a%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253Db5cbacce-642a-4359-9f77-3f20d5a1fa2a%252C%25257B%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ad295b94-2022-4a08-8e14-97c9109b6633&ttd_puid=b5cbacce-642a-4359-9f77-3f20d5a1fa2a%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253Db5cbacce-642a-4359-9f77-3f20d5a1fa2a%2C%257B%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=b5cbacce-642a-4359-9f77-3f20d5a1fa2a

Request Chain 1049

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP HTTP 302
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=66e91b8070adee7da00d6c47436dcdba

Request Chain 1054

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-24e51cb4-810c-5131-43e4-999a25f3bde6$ip$206.66.96.82&gdpr=0&gdpr_consent=

Request Chain 1056

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-m7KclLBE2pw3aQq9juom2IBvhWddTukHMk4-~A&gdpr=0

Request Chain 1057

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=e964c162-cc10-4623-9b2f-b3b2ace9505c-65b1befb-5553/gdpr=0

Request Chain 1062

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/cf48f38f57b5afc8f1fef27f7cc9f596/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2466746828872905745/gdpr=0

Request Chain 1063

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=272346446 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6295036647698144493/gdpr=0/rand=272346446

Request Chain 1064

https://tag.crsspxl.com/c.gif?t=57603&gdpr=0 HTTP 302
https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0

Request Chain 1065

https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16622%26tp%3DALDX%26tpid%3D%24{ADELPHIC_CUID}%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=7bca4447-e173-4f17-bfe3-cf8b1ed4ded5&gdpr=0

Request Chain 1067

https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=cf48f38f57b5afc8f1fef27f7cc9f596 HTTP 302
https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=cf48f38f57b5afc8f1fef27f7cc9f596&sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=ODYxMjEzMjAxMDE1NDkzNjE0Mg== HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEIlcK9XCCu_foCWWitT1fIg&google_cver=1

Request Chain 1068

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1 HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=10237D68-79EE-4DDB-9844-23D48C3515B3&gdpr=0

Request Chain 1069

https://id5-sync.com/s/19/9.gif?puid=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0 HTTP 302
https://id5-sync.com/c/19/19/9/1.gif?puid=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=ad295b94-2022-4a08-8e14-97c9109b6633&ttl=%%TTL%% HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/19/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/2/7/3.gif?puid=6295036647698144493&gdpr=0&gdpr_consent= HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-8ecexFEgJB5Iu8tSaj_j00JSPK56HlrMievguaVvAA/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F6%2F4.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/224/6/4.gif?puid=2466746828872905745&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F136%2F5%2F5.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/19/136/5/5.gif?puid=ZbG_8AARAHb41ABH&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/id5?uid=ID5-8ecexFEgJB5Iu8tSaj_j00JSPK56HlrMievguaVvAA&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fid5-sync.com%2Fa%2F19%2F121%2F4%2F6%2Fgif%2F0%2F0%2F0%2F0%2F HTTP 302
https://id5-sync.com/a/19/121/4/6/gif/0/0/0/0/ZHgABGWxvucAAAAJA0UvAw== HTTP 302
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=0/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F3%2F7.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://tags.bluekai.com/site/5907?limit=0&id=865e1c16b495eb33db291e2f735a7862&redir=https://id5-sync.com/c/19/321/3/7.gif?puid=$_BK_UUID&gdpr=0&gdpr_consent=&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/19/321/3/7.gif?puid=41%2Fqn3Ud99ef3qak HTTP 302
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP/gdpr=0/gdpr_consent=?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&id5id=ID5-8ecexFEgJB5Iu8tSaj_j00JSPK56HlrMievguaVvAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=Y2Y0OGYzOGY1N2I1YWZjOGYxZmVmMjdmN2NjOWY1OTY&id5id=ID5-8ecexFEgJB5Iu8tSaj_j00JSPK56HlrMievguaVvAA

Request Chain 1073

https://pixel.shareaholic.com/sync?r=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D9193%26tp%3DSHLC%26tpid%3D%24u_id%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=1876e5ae-0905-46ed-82eb-d67066955afa&gdpr=0

Request Chain 1077

https://pixel.onaudience.com/?mapped=cf48f38f57b5afc8f1fef27f7cc9f596&partner=104&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9a20bd7ec2f0dedd/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0 HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=252&mapped=y-DskA2YJE2pSN_yVYoy2xFGzkWPsinn6JaA--~A&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
https://stags.bluekai.com/site/52799?id=fd031a111ba307de HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=BLKAI HTTP 302
https://ups.analytics.yahoo.com/ups/58739/cms?partner_id=BLKAI HTTP 302
https://tags.bluekai.com/site/19505?id=y-m_z2SHRE2pIiVDxR0TWgzUXjAnu.BA8qPC8-~A

Request Chain 1079

https://aorta.clickagy.com/pixel.gif?ch=120&cm=cf48f38f57b5afc8f1fef27f7cc9f596 HTTP 302
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=ZbG-_rvK28MRGFFZTtBNX1oV&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=35827208354728692942570658140409409333 HTTP 302
https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D HTTP 302
https://aorta.clickagy.com/pixel.gif?ch=4&cm=c7fa7547-cdb6-4592-b620-8806696f2b4a&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZbG-_rvK28MRGFFZTtBNX1oV

Request Chain 1080

https://x01.aidata.io/0.gif?pid=LOTAME&id=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0 HTTP 302
https://x01.aidata.io/0.gif?pid=LOTAME&id=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0&bounce=1

Request Chain 1081

https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=213640604772000971708&gdpr=0&gdpr_consent=

Request Chain 1084

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZbG_8AARAHb41ABH/gdpr=0

Request Chain 1086

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=403035228 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6295036647698144493/gdpr=0/rand=403035228

Request Chain 1091

https://zona-bermain.com/live-singapore HTTP 301
https://zona-bermain.com/live-singapore/

Request Chain 1093

https://um.simpli.fi/lj_match?r=31838 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 1094

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=42653 HTTP 303
https://pippio.com/api/sync?pid=710914&_=3&it=4&iv=cbdcc14ccc7e4eab2efafef4f54d3155&it=4&iv=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&it=4&iv=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687abd47ae7 HTTP 307
https://rc.rlcdn.com/456809.gif?n=5&cparams=placement%3D710914 HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=07aacaf693c37dbe55bca1f5acb328cea0304d6b63aaceb34d8084b81df7e6ddb0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BDD_UUID%7D HTTP 302
https://idsync.rlcdn.com/362248.gif?partner_uid=35827208354728692942570658140409409333

Request Chain 1096

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=91546 HTTP 303
https://pippio.com/api/sync?pid=710914&_=3&it=4&iv=cbdcc14ccc7e4eab2efafef4f54d3155&it=4&iv=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&it=4&iv=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687abd47ae7 HTTP 307
https://rc.rlcdn.com/456809.gif?n=5&cparams=placement%3D710914 HTTP 307
https://match.prod.bidr.io/cookie-sync/liveramp HTTP 303
https://idsync.rlcdn.com/403466.gif?partner_uid=AACipU7LY34AABLeucDDpQ

Request Chain 1100

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=36332 HTTP 303
https://pippio.com/api/sync?pid=710914&_=3&it=4&iv=b6ed657b7558e2ab9f72bb77bb3d8d44&it=4&iv=812703517bb6d912793822680b5e31867ce79140&it=4&iv=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af1f6ac5e4 HTTP 307
https://rc.rlcdn.com/456809.gif?n=6&cparams=placement%3D710914 HTTP 307
https://loadm.exelator.com/load/?p=204&g=450&rluid=1c6000d0fcaff6e0f469cc647a7eebcf5f719e0a1f417d616adce4af9880963cf2fc7f7248dfd545&j=0 HTTP 302
https://idsync.rlcdn.com/362708.gif?partner_uid=bf59567db7ef986f726c91f902181978 HTTP 307
https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008tunTAKNbFC1W_1uPrAmzf_QsBtvQ-IPUsEwAg5eB1uo

Request Chain 1105

https://um.simpli.fi/lj_match?r=45132 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 1120

https://um.simpli.fi/lj_match?r=37974 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 1121

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=87806 HTTP 303
https://pippio.com/api/sync?pid=710914&_=1&it=4&iv=b6ed657b7558e2ab9f72bb77bb3d8d44&it=4&iv=812703517bb6d912793822680b5e31867ce79140&it=4&iv=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af1f6ac5e4 HTTP 307
https://rc.rlcdn.com/456809.gif?n=1&cparams=placement%3D710914 HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=07aacaf693c37dbe55bca1f5acb328cea0304d6b63aaceb34d8084b81df7e6ddb0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BDD_UUID%7D HTTP 302
https://idsync.rlcdn.com/362248.gif?partner_uid=35827208354728692942570658140409409333

Request Chain 1123

https://um.simpli.fi/lj_match?r=58604 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 1151

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=61828 HTTP 303
https://pippio.com/api/sync?pid=710914&_=1&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac13c945b7 HTTP 307
https://rc.rlcdn.com/456809.gif?n=2&cparams=placement%3D710914 HTTP 307
https://ads.scorecardresearch.com/p?c1=9&c2=17057153&c3=1&c6=6aa1ba4f81cf87f609b89c22dcc5b8d5709d81e0a7b62e60b663fc0ee4ac9121ffebc811cafadc33&placement=710914&cj=1&rn=04667195 HTTP 302
https://ads.scorecardresearch.com/p2?c1=9&c2=17057153&c3=1&c6=6aa1ba4f81cf87f609b89c22dcc5b8d5709d81e0a7b62e60b663fc0ee4ac9121ffebc811cafadc33&placement=710914&cj=1&rn=04667195

Request Chain 1152

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p HTTP 302
https://rtb.adentifi.com/CookieSyncThrotle

Request Chain 1153

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=74324 HTTP 303
https://pippio.com/api/sync?pid=710914&_=1&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac13c945b7 HTTP 307
https://rc.rlcdn.com/456809.gif?n=8&cparams=placement%3D710914 HTTP 307
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTk1NjkwMzUvdC8y/dpuid/c2fdebda7c8a0316f848e163e1611f1d0a9b33bd80993b6c7b65188d1c2c98e13528d9f17d145da0/url/https://idsync.rlcdn.com/367408.gif?partner_uid=$!{TURN_UUID} HTTP 302
https://idsync.rlcdn.com/367408.gif?partner_uid=2466746828872905745

Request Chain 1154

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=6818 HTTP 303
https://pippio.com/api/sync?pid=710914&_=3&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac13c945b7 HTTP 307
https://rc.rlcdn.com/456809.gif?n=7&cparams=placement%3D710914 HTTP 307
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTk1NjkwMzUvdC8y/dpuid/c2fdebda7c8a0316f848e163e1611f1d0a9b33bd80993b6c7b65188d1c2c98e13528d9f17d145da0/url/https://idsync.rlcdn.com/367408.gif?partner_uid=$!{TURN_UUID} HTTP 302
https://idsync.rlcdn.com/367408.gif?partner_uid=2466746828872905745

Request Chain 1156

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=1955 HTTP 303
https://pippio.com/api/sync?pid=710914&_=1&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac13c945b7 HTTP 307
https://rc.rlcdn.com/456809.gif?n=7&cparams=placement%3D710914 HTTP 307
https://pm.w55c.net/ping_match.gif?st=LIVERAMP&rurl=https%3A%2F%2Fidsync.rlcdn.com%2F360787.gif%3Fserved_by%3Devergreen%26partner_uid%3D_wfivefivec_ HTTP 302
https://idsync.rlcdn.com/360787.gif?served_by=evergreen&partner_uid=TN3E0Vtl1RsOVn5

Request Chain 1170

https://zona-bermain.com/buku-mimpi-4d HTTP 301
https://zona-bermain.com/buku-mimpi-4d/

Request Chain 1188

https://um.simpli.fi/lj_match?r=25266 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 1189

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5006%26vxii_pdid%3D%24UID%26vxii_ts%3D29%26_t%3D1706147585%26_reach%3D1 HTTP 302
https://thrtle.com/sync?vxii_pid=5006&vxii_pdid=6295036647698144493&vxii_ts=29&_t=1706147585&_reach=1 HTTP 302
https://sync-tm.everesttech.net/upi/pid/EhuOE4dM?redir=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5032%26vxii_pdid%3D%24%7BTM_USER_ID%7D%26vxii_ts%3D31%26_reach%3D1 HTTP 302
https://thrtle.com/sync?vxii_pid=5032&vxii_pdid=ZbG_8AARAHb41ABH&vxii_ts=31&_reach=1

Request Chain 1191

https://um.simpli.fi/lj_match?r=72028 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 1197

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=99281 HTTP 303
https://pippio.com/api/sync?pid=710914&_=3&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac13c945b7 HTTP 307
https://rc.rlcdn.com/456809.gif?n=3&cparams=placement%3D710914 HTTP 307
https://p.rfihub.com/cm?in=1&pub=1961 HTTP 302
https://idsync.rlcdn.com/360947.gif?partner_uid=997336248764543702

Request Chain 1200

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=86054 HTTP 303
https://aa.agkn.com/adscores/s.pixel?sid=9112307438&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=openx

Request Chain 1238

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=70277 HTTP 303
https://aa.agkn.com/adscores/s.pixel?sid=9112307468&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=sovrn

Request Chain 1246

https://zona-bermain.com/rekap-kumat HTTP 301
https://zona-bermain.com/rekap-kumat/

Request Chain 1254

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=3614 HTTP 303
https://aa.agkn.com/adscores/s.pixel?sid=9112307488&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=li

Request Chain 1276

https://um.simpli.fi/lj_match?r=60155 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 1315

https://um.simpli.fi/lj_match?r=54022 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

Request Chain 1317

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=95717 HTTP 303
https://aa.agkn.com/adscores/s.pixel?sid=9112307478&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=sovrn

Request Chain 1326

https://zona-bermain.com/rekap-angka-4d HTTP 301
https://zona-bermain.com/rekap-angka-4d/

Request Chain 1327

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=28356 HTTP 303
https://aa.agkn.com/adscores/s.pixel?sid=9112307428&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=cnsmbl

Request Chain 1331

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=83013 HTTP 303
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2466746828872905745 HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=9031f432-95f1-4371-8f6c-243625f67bcf HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=fcdd9bc6-bbf6-431b-a2ea-f28d09d087ec%3A1706147588.6485445&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dfcdd9bc6-bbf6-431b-a2ea-f28d09d087ec%253A1706147588.6485445%26pid%3D500040%26it%3D1%26iv%3Dfcdd9bc6-bbf6-431b-a2ea-f28d09d087ec%253A1706147588.6485445%26_%3D1706147588.650582&cb=1706147588.6506295 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=997336248764543702&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dfcdd9bc6-bbf6-431b-a2ea-f28d09d087ec%253A1706147588.6485445%26pid%3D500040%26it%3D1%26iv%3Dfcdd9bc6-bbf6-431b-a2ea-f28d09d087ec%253A1706147588.6485445%26_%3D1706147588.650582 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=fcdd9bc6-bbf6-431b-a2ea-f28d09d087ec%3A1706147588.6485445&pid=500040&it=1&iv=fcdd9bc6-bbf6-431b-a2ea-f28d09d087ec%3A1706147588.6485445&_=1706147588.650582 HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&_=1706147588.650582&iv=fcdd9bc6-bbf6-431b-a2ea-f28d09d087ec:1706147588.6485445

Request Chain 1352

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=55850 HTTP 303
https://x.bidswitch.net/sync?ssp=liveintent&user_id=9031f432-95f1-4371-8f6c-243625f67bcf HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=9031f432-95f1-4371-8f6c-243625f67bcf

1361 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sky.pasukanantidepo.shop/
Redirect Chain

http://sky.pasukanantidepo.shop/
https://sky.pasukanantidepo.shop/

49 KB
12 KB

1016ms
852ms

Document
text/html

2606:4700:3034::6815:312f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:312f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 87000dc1fc91f5f17e86030bd9875f8464a04c05e9daabd699fc5b9ae42270c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ace0af0fa40f84-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:36 GMT
link: <https://sky.pasukanantidepo.shop/wp-json/>; rel="https://api.w.org/" <https://sky.pasukanantidepo.shop/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <https://sky.pasukanantidepo.shop/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZnAzCT8SLdT0T1PByj5swiEaCJ2m%2BObxGkT9jcLlXrMB2bK1o0%2BOW%2Feg8x8uul63cfnhuqAgGwjB1rleizmvnsjEr7yl1wt8qKGtx%2F0Wcl0N%2F%2FT0EfAD9Nhqp2yBFEZc%2FDwDY9Sqof0IsPdur5fOfhL8pElNQg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

Redirect headers

CF-RAY: 84ace0ad4805c342-EWR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 25 Jan 2024 01:52:35 GMT
Expires: Thu, 25 Jan 2024 02:52:35 GMT
Location: https://sky.pasukanantidepo.shop/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8gDBBtFr1fLeBIoVCt9Rq6wVcuZ1vl12yRC4yAC2IO1dZT7C2F1ySe7eQD3XD%2FaCe8A8rgzdw9pKf74GmAevmt8Y6N7sVYkf99fitiutfyryO31%2FrXKLdJpUSlDvxxiwR%2BeF5zFl9VvTC5fTF%2BNlf4EGrxsBrk%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
sky.pasukanantidepo.shop/wp-includes/css/dist/block-library/ 107 KB
15 KB 908ms
902ms Stylesheet
text/css 2606:4700:3034::6815:312f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:312f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 21:06:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsEKOLEqCCwPiuAZ7ozl3BG0oVnqq9gs5EcOjoIYDMopdZs3imqD6cGHlG0PiffU7FkfLL%2BVyvmJ0oVtKwpW6i7YR1et4qNrHsPis4ttap7le5hODMULaYwbDLlgL77pi9kGQNhrgsafjPpP%2F1mX%2FzUEFxlo7i8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0b47dde0f84-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:36 GMT

GET
H2 200 sidebar-login.css
sky.pasukanantidepo.shop/wp-content/plugins/sidebar-login/build/ 2 KB
682 B 630ms
628ms Stylesheet
text/css 2606:4700:3034::6815:312f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1688220023
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:312f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btaOxTLY6blet%2FdohX8Vc2SUDjMzud6C5vJ0YlEtkqUJ7FgqI%2FoFYHzztvrI1jfMIOfV05QfXCHajArIgohBAP67j7AUSSKzvK4V49ZDVYX0oUhn1lw644eqTn2UzpveuHuwRX2AM6IMCR%2BGLSdve2Sv2mhuVuw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0b48df00f84-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:36 GMT

GET
H2 200 style.css
sky.pasukanantidepo.shop/wp-content/themes/asteroid/ 28 KB
9 KB 626ms
624ms Stylesheet
text/css 2606:4700:3034::6815:312f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-content/themes/asteroid/style.css?ver=1.2.9
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:312f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2023 09:04:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCIAe6F9PfCzRB3zvc7j81WTi25p0Cp%2Fxlrb%2Fuo5iKpjkjKAkMuUypUyZ994r3D1gBxxDCPyu1r%2FWC7R6p6qwc6FBKk2imbC2bOAixteUDDW7s4lkYCC6ZNqe0enO5NJY%2BazWNgDpWCXHa7qX3yRHJl6wFot8to%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0b48df20f84-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:36 GMT

GET
H2 200 jquery.min.js Show response
sky.pasukanantidepo.shop/wp-includes/js/jquery/ 86 KB
31 KB 103ms
102ms Script
application/javascript 2606:4700:3034::6815:312f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:312f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:06:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86485
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGFs7tf94W7Kqa3ocxWlQV95yfv2hJ7h6FEdmxjZSXcY9kscgjgsYwt1PNtTZ%2BdtkBHqrrWcrgl5JKyY6z%2BRwVCHq3ntSWuBhiLyIR7fK0REkrXKTtOGsQ8tMfr0kEglnHEd%2F2IIYhqWq327Lj1HEUobeTsvOpk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0b48df30f84-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jan 2024 01:51:10 GMT

GET
H2 200 jquery-migrate.min.js Show response
sky.pasukanantidepo.shop/wp-includes/js/jquery/ 13 KB
5 KB 102ms
101ms Script
application/javascript 2606:4700:3034::6815:312f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:312f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Aug 2023 21:06:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 123831
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skPJs3JeHiHURKlqcvDN3zfVTSg2PBBjpk3ipXSdRGYotOt%2FXfdIMp2KQ1HqYidEXPrxo1UOaVPOSDbzOVa%2BB6ejHpola%2BLah4Dk9lT3j6ve4pC4s8sI1whTaQavj32vbz1kL7WKSq4UMB4bCKnY%2BdrdBV8Ldd0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0b48df50f84-EWR
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 15:28:44 GMT

GET
H2

200

/
bolo.treksantuy.xyz/
Redirect Chain

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg
https://bolo.treksantuy.xyz/

0
0

1020ms
969ms

Image
text/html

2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Thu, 25 Jan 2024 01:52:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIqlTB%2F5j8GZ38TR1Xglm%2BAusBxDEx2ThZorn4JRb6qeuJrn8sCZ4OeyooodrWY4jzOVHMXtaliljM9v2p6CCvpzp5f8sfjzalkBe154chpCjx3%2Bw4BrbBTXHQ6RkPp9mkjBKJLzflDgaI6xqphv8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://bolo.treksantuy.xyz
cache-control: max-age=3600
cf-ray: 84ace0b61addc34b-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 02:52:36 GMT

GET
H2 200 hknalo-729x90-1.gif
antoboomerblog.files.wordpress.com/2023/10/ 105 KB
106 KB 251ms
28ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/hknalo-729x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

daf9a29faaa9b5a3a465f3f5048a5c4a2737ca8a1af1c4e746fddbc8f9910968

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Oct 2023 12:50:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 107905
expires: Sat, 10 Feb 2024 18:03:15 GMT

GET
H2 200 new-bandarnalo.gif
antoboomerblog.files.wordpress.com/2023/10/ 100 KB
101 KB 48ms
47ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/new-bandarnalo.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fffe2bbb1e6c64b3540176029b620af1fcbbc30861c94299b895760b80cd7357

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Oct 2023 12:37:19 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 102622
expires: Mon, 05 Feb 2024 20:52:18 GMT

GET
H2 200 paitowarna.gif
antoboomerblog.files.wordpress.com/2023/10/ 156 KB
156 KB 35ms
35ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/paitowarna.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8a68e4e1e0faf5cec1082b25b95f4d820985fda95177b826e7c16a70f5afae19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Oct 2023 12:35:44 GMT
server: nginx
x-orig-src: 0_mogiad
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 159643
expires: Sat, 24 Feb 2024 06:07:08 GMT

GET
H3 200 729x90-animated-1.gif
antoboomerblog.files.wordpress.com/2023/10/ 327 KB
327 KB 26ms
25ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/729x90-animated-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e3778a72114f13a5b18b9d25df758bfbf0d55bf442ba5c9007b96593d959b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 22 Oct 2023 12:16:32 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 335048
expires: Thu, 25 Jan 2024 15:20:51 GMT

GET
H3 200 729x90_agennalo.gif
antoboomerblog.files.wordpress.com/2023/10/ 327 KB
327 KB 72ms
67ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/729x90_agennalo.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f017d1630a163790465f348b29d4721facb1d4353e695dd730b869e28e4bcd3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Oct 2023 19:28:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 334612
expires: Wed, 31 Jan 2024 13:26:16 GMT

GET
H3 200 unnamed-10.gif
antoboomerblog.files.wordpress.com/2023/11/ 270 KB
270 KB 94ms
89ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-10.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9c5106cfc1835d6213c497eb31fd0b3f034a3630a33fd51ed1f020f370034b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:31:01 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 276544
expires: Sat, 10 Feb 2024 18:12:52 GMT

GET
H3 200 unnamed-11.gif
antoboomerblog.files.wordpress.com/2023/11/ 247 KB
247 KB 100ms
95ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-11.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f564100347e9b3cc6448108ae2837d97eb49d3009154452879c4a146dd482183

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:32:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 252743
expires: Sun, 11 Feb 2024 14:05:02 GMT

GET
H3 200 unnamed-12.gif
antoboomerblog.files.wordpress.com/2023/11/ 282 KB
283 KB 360ms
355ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-12.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

79980af9382b2ed28478d04a6b7e7119b4a3b4cf055978bf0bcf7fbe74a3136f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:33:50 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 289127
expires: Fri, 16 Feb 2024 22:13:10 GMT

GET
H3 200 unnamed-13.gif
antoboomerblog.files.wordpress.com/2023/11/ 514 KB
514 KB 111ms
106ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-13.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dc887f124f649e95762713f34c6e7d8ef383571f6a354d916964732b1950664a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:34:55 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 526000
expires: Sun, 11 Feb 2024 01:50:47 GMT

GET
H3 200 unnamed-14.gif
antoboomerblog.files.wordpress.com/2023/11/ 291 KB
291 KB 149ms
145ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-14.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

efb8d3fc8b90b38cbc75cb3f22e313a370f0eada11e7eba19e8047c6f60943dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:35:54 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 297540
expires: Tue, 06 Feb 2024 19:30:34 GMT

GET
H3 200 unnamed-9.gif
antoboomerblog.files.wordpress.com/2023/11/ 194 KB
194 KB 170ms
165ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-9.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

42e792c4264f30663f715f0019025df6c67066e834c8c36298e9a96fdc8cd038

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:27:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 198395
expires: Mon, 12 Feb 2024 22:33:45 GMT

GET
H3 200 unnamed-15.gif
antoboomerblog.files.wordpress.com/2023/11/ 388 KB
388 KB 178ms
174ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-15.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4111d0de448c0dbbb0dc170a0e580da1029ac1fe68de77d330b41ba1cbc4d0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:37:53 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 396918
expires: Tue, 06 Feb 2024 18:52:34 GMT

GET
H3 200 unnamed-16.gif
antoboomerblog.files.wordpress.com/2023/11/ 326 KB
326 KB 205ms
201ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-16.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a6a3283156db24254aec7fe7b93f88ef8193a0b61d31056cb5bb210617dcd626

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:39:46 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 333383
expires: Mon, 26 Feb 2024 08:44:51 GMT

GET
H3 200 unnamed-17.gif
antoboomerblog.files.wordpress.com/2023/11/ 312 KB
312 KB 214ms
210ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-17.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2689ac2a7453661922762dcd23b84bda4ef74a05c9c3740f817f411af2f6084c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:41:12 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 319266
expires: Wed, 07 Feb 2024 01:41:58 GMT

GET
H3 200 unnamed-18.gif
antoboomerblog.files.wordpress.com/2023/11/ 188 KB
188 KB 218ms
213ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-18.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7380c39ec1fbcf6ff16ff145bd0ed5033c2b84b41270dae4b05a327a19ba9e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:42:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 192555
expires: Sun, 28 Jan 2024 07:29:10 GMT

GET
H3 200 unnamed-19.gif
antoboomerblog.files.wordpress.com/2023/11/ 280 KB
281 KB 228ms
222ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-19.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da6d3195e96bfbfe1cecd660de92fe05a71437900b1dff539a9d6f5e45c28277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:43:23 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 286968
expires: Tue, 20 Feb 2024 13:23:07 GMT

GET
H3 200 unnamed-20.gif
antoboomerblog.files.wordpress.com/2023/11/ 351 KB
352 KB 247ms
242ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-20.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0f1e4f7008ccffa6948dbcc9eb98f7356a0f3e7bbf0d87a77289820eaa8027e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:44:24 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 359746
expires: Tue, 06 Feb 2024 10:24:45 GMT

GET
H3 200 unnamed-21.gif
antoboomerblog.files.wordpress.com/2023/11/ 265 KB
265 KB 258ms
253ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-21.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f7bc1b794480ca073b0a3ff2bdfdd6d5171458d2828ea18e4b80edb151f2289d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:45:42 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 271048
expires: Thu, 25 Jan 2024 10:31:27 GMT

GET
H3 200 pasukan-anti-depo.png
sky.pasukanantidepo.shop/wp-content/uploads/2023/06/ 736 KB
737 KB 1183ms
1178ms Image
image/png 2606:4700:3034::6815:312f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sky.pasukanantidepo.shop/wp-content/uploads/2023/06/pasukan-anti-depo.png
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:312f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95cf5e4b3f56fa2d8aae7f6196f6cadb653b68b19520048c75a91ad12d6203df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:38 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2023 11:48:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OS8eLmmQX%2BRqExPn%2BSIFBFZuHSjZwEp8odnq4u0kjIoQ4R74WYWWfBfgWeprJZqewhbIgvRw%2B8qo4U8NzHc4SltDCHw63j4DAVQ%2FSrlhg%2F4yLyKBu3XQozM3YM62KVYmwZVVasRgind4qGhUfxhNGLS50hVUpM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84ace0ba6a4a42f4-EWR
alt-svc: h3=":443"; ma=86400
content-length: 754054
expires: Thu, 01 Feb 2024 01:52:37 GMT

GET
BLOB 200
OK 902c55f1-d617-4da2-90d5-3164633f46ca
https://sky.pasukanantidepo.shop/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://sky.pasukanantidepo.shop/902c55f1-d617-4da2-90d5-3164633f46ca
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H/1.1 200
OK 4660281.gif
s4is.histats.com/stats/i/ 1 KB
2 KB 194ms
46ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4660281.gif?4660281&103
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: fe03d5e08b004f060477ef9bbdf515cf73018216f8fb304dc6d9badf788eb4d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:37 GMT
Connection: close
ETag: -1977197748
Content-Length: 1403
Content-Type: image/png

GET
H3 200 wlatogel88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ 2 MB
2 MB 282ms
277ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/wlatogel88-728x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

574c654adc51059882c66279ee0d42eb585735d5a2bc8cb010f1e91eb04e483f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:30 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1592720
expires: Tue, 27 Feb 2024 02:39:36 GMT

GET
H3 200 kaisartoto88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ 1 MB
1 MB 294ms
289ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/kaisartoto88-728x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

217bcf44778fff8fe41a593c79e0c86edd524460f7618f12e132566d17fd5b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:51 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1415984
expires: Thu, 15 Feb 2024 03:37:55 GMT

GET
H3 200 indolottery88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ 1 MB
1 MB 304ms
299ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/indolottery88-728x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a67688ddcf966aaf218b1f154d3830ad065e23ef063d71b4f96436ab9a717a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1417070
expires: Tue, 27 Feb 2024 00:44:14 GMT

GET
H3 200 dunialottery88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ 997 KB
998 KB 312ms
307ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/dunialottery88-728x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fa7337e4bc30dd3db3861c272a32f98911b0bbf1a60557e0f124ba2713f35fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:57 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1021153
expires: Fri, 23 Feb 2024 22:10:23 GMT

GET
H3 200 840x120-jabrix.gif
antoboomerblog.files.wordpress.com/2023/11/ 5 MB
5 MB 315ms
310ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/840x120-jabrix.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2ef8819c623f045339c8a2ffe8b442801765e1245b634c5bc8246b4fbd67a395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Nov 2023 17:22:29 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4858923
expires: Sun, 11 Feb 2024 09:12:08 GMT

GET
H2 200 close.gif
4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/ 2 KB
3 KB 223ms
78ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/close.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

82a61040198394ed6f9e59a3b5131bca0af02f194a690b977ea9b244d9897f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v744"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="close.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:37 GMT

GET
H3 200 indoboss6d728x90.gif
antoboomerblog.files.wordpress.com/2024/01/ 2 MB
2 MB 321ms
316ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/indoboss6d728x90.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

776bf55e5c196430c0d9bb394fdc8a37ea7a55b6e3044ae8c0815d4a3bcc542f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:38:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2431527
expires: Fri, 09 Feb 2024 02:21:29 GMT

GET
H3 200 microtogel88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ 2 MB
2 MB 326ms
322ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/microtogel88-728x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3e6701810a770c2cdb7710c43056f6c2422cf8c30653dd1ab209bcff5a4548e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:38:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2505021
expires: Mon, 12 Feb 2024 04:46:55 GMT

GET
H3 200 email-decode.min.js Show response
sky.pasukanantidepo.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 49ms
49ms Script
application/javascript 2606:4700:3034::6815:312f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.pasukanantidepo.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:312f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Jan 2024 15:56:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65aa9bb3-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLGd6LkFwFx5YH0JoPVU%2Bk8mpf0ScYW5G6CEbLDUWND%2FK8kpxbauaVWo6gRkQrXz60Shsx%2BrpDygD9z651TGkxBTWuya9aw1JrvTnwNLEi0ocR5B2WRYHqm%2B%2BUVoC%2B2G78ktHUvkXyHdoRP8riR%2FNvEtgGly1IU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84ace0b8effb42f4-EWR
expires: Sat, 27 Jan 2024 01:52:37 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
sky.pasukanantidepo.shop/wp-includes/js/dist/vendor/ 8 KB
3 KB 1432ms
1431ms Script
application/javascript 2606:4700:3034::6815:312f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:312f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2023 23:16:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNdgz21sZOS5fARvG%2B82cgziI9gC%2FGEyXMT2DpT4og4dw0VFQlDmdqAcxPDYE5kYLeP0%2BSk2z4OxI6V9wqS%2FLmg3St4Ub2Utmqc3HD0wCNLqiJ%2BdHd9tGkq6gsrU3mL7axq2ZKmoZSMs%2BDA9RsmW4OvFFgVzywE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0b9c95f42f4-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:38 GMT

GET
H3 200 regenerator-runtime.min.js Show response
sky.pasukanantidepo.shop/wp-includes/js/dist/vendor/ 6 KB
3 KB 589ms
587ms Script
application/javascript 2606:4700:3034::6815:312f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:312f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 21:06:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Df5%2FPSKEA1AAx9uORUNiP6akzlaQ0SQDfccA8Cz912D8rHcGZGq1rmsZnJd%2BedQl80D3rF9S5xA69MVhPQvOv36tpjFUpJ8%2B4qSkk%2BgrtvS4rqOKy1f7CfNXv0Gi769Utj7qo1AUXPXo2LRIjZxsJjZ2qLhlKs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0ba5a3a42f4-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:37 GMT

GET
H3 200 wp-polyfill.min.js Show response
sky.pasukanantidepo.shop/wp-includes/js/dist/vendor/ 112 KB
36 KB 909ms
904ms Script
application/javascript 2606:4700:3034::6815:312f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:312f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 21:06:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFSVxccTjqy5GrL7B7sORbDHtX5ES3A6mGQ902TuVhBfDtrBdvTKA5%2Bk1onZGID5Uaub7oEYuIWisIseKxbP5L0vhCmnkivzjhl545of13%2FahFopnEx6D0q1LrLNIxiC1GxE0PeTA9plfuJE87bYxiM4Js3Hfyc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0ba5a3f42f4-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:37 GMT

GET
H3 200 frontend.js Show response
sky.pasukanantidepo.shop/wp-content/plugins/sidebar-login/build/ 4 KB
2 KB 602ms
598ms Script
application/javascript 2606:4700:3034::6815:312f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:312f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hBlenco3LcxvnyVOmiwkJARlcQP1fMe%2B7GIHARFxVb5yWNE0fRCSkJ%2BHCHRr3DvTVgoOasPPazNGa9b5wQTJ%2F9pqdZ4igFLKd4DT67CrHJSqVYYE0TqcZUVxxxQIjROdwIGb4tmncuRZTz9P9m4iXrlr40y1Gg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0ba5a4042f4-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:37 GMT

GET
H2

200

/ Show response
bolo.treksantuy.xyz/ Frame D5AB
Redirect Chain

https://treksantuy.tech/
https://bolo.treksantuy.xyz/

62 KB
15 KB

1033ms
1032ms

Document
text/html

2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: fbad6dc4504c5532ebfe0adaccd98487ef1ab3f6a13d5d3397bd9f2b06ecf044

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ace0bbe8e0c34b-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:38 GMT
link: <https://bolo.treksantuy.xyz/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FC2IX7Rq%2BbII%2B5sMoKTD20x5GBCWOVLMgoxYkbGfZDC44buLHAiaB5kQ3IJkZbjZLU%2BOoxe7ObLAFydleA79G8bl2qzL7HVUvbY88zRwtfIUpbJEs1HazTepWlIYZn13sdp%2Bni7FpF5SvZdvN0R9%2BEGp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 84ace0bb8b9041e1-EWR
date: Thu, 25 Jan 2024 01:52:37 GMT
expires: Thu, 25 Jan 2024 02:52:37 GMT
location: https://bolo.treksantuy.xyz
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17FLtSGJjmlD4AO0XN6hu8dBBSPPzvZQbyRuzOZ%2B2%2FDxmFq5D8AnfQYDznTfAgEW1DtofI8xF0PiTu4Cqn6BlLJJQcemWCEpydNeVtM6u6tOECpLa5WJe5wcq6sqwKFc57MWNaw3Mfg6l0B0YRg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

result.php Show response
wget.angkapaito.net/ Frame ACE6
Redirect Chain

https://widget.angkapaito.net/result.php
https://wget.angkapaito.net/result.php

5 KB
813 B

164ms
146ms

Document
text/html

2606:4700:3037::ac43:b044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wget.angkapaito.net/result.php
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2497636d6c13bedc7f466897ad9690fb055dc123f481b599c9e1174a04fb17

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ace0bcb9c90f7f-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Icu8TMv3PZaoB8YxRIh0P7s3Rd7N1UkPuqX6b8NAuhl6cyfNcupDyYW%2BViKNYhCWjUYpm3OIVhGMT0B2kfElSP%2FFxRLTncQAml6jhizzsNueiblQ2M%2FqAwQjqxge8n1rV0%2BKLJ5zdCqzItBrf38oAgfu"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ace0bbb8c00f7f-EWR
content-type: text/html
date: Thu, 25 Jan 2024 01:52:37 GMT
location: https://wget.angkapaito.net/result.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHGg78rQenE3fjpbNT3wAZqSuOdUYCmhUjhL1V%2BuEAkgaSsrI72pQCFPrUxih7cZE55x1UeGPDOmH9Qyv63tWlrVtXhLt%2BSEJ33%2FgX8NyvvIQyeRmnI7b%2FECQ1Q8mb%2FNLZCGdd2jycOa1gr6Qy%2FszMBnsa4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 hknalo-729x90-1.gif
antoboomerblog.files.wordpress.com/2023/10/ 105 KB
106 KB 292ms
292ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/hknalo-729x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

daf9a29faaa9b5a3a465f3f5048a5c4a2737ca8a1af1c4e746fddbc8f9910968

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Oct 2023 12:50:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 107905
expires: Sat, 10 Feb 2024 18:03:15 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 204ms
68ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68094
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace0bb8f4941cd-EWR
content-length: 4547

GET
DATA 200
OK truncated
/ 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
king.laskar2d.xyz/ Frame 56C5 47 KB
11 KB 1310ms
1090ms Document
text/html 2606:4700:3037::ac43:84cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:84cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e404e36423039012e2c65a0b6b38cd90cfe3b100dc8b10d0b70be47f7efb655f

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ace0bc3c11c3ff-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:38 GMT
link: <https://king.laskar2d.xyz/wp-json/>; rel="https://api.w.org/" <https://king.laskar2d.xyz/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <https://king.laskar2d.xyz/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PedGzqY2oZ2%2B7J1YcaX3YYsrcD%2B%2Bo%2Bfnj6u%2B99DTy7HCKo2Vjjowrqtxi9cEQB40ZTAPcmCulmBWT6PyWPCsIgiaedf9w5K9zSDfxGhxgciszasgbbvCQ9ABvEMvE6BcCnWdRsIb9C4O2sQ80mIUDg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H/1.1 200
OK 4660281.php Show response
s4.histats.com/stats/ 434 B
569 B 601ms
88ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4660281.php?4660281&@f16&@g1&@h1&@i1&@j1706147557763&@k0&@l1&@mPASUKAN%20ANTI%20DEPO%20%E2%80%93%20PREDIKSI%20ANGKA%20JITU%20WLA%20HARI%20INI&@n0&@o1000&@q0&@r0&@s3026&@ten-US&@u1600&@b1:-169499835&@b3:1706147558&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fsky.pasukanantidepo.shop%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 8fa6086592638a777f6f41ffabb181efb642c571892e578aa4c5b98f4bae0e56

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:38 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_3026.js Show response
s10.histats.com/counters/ 18 KB
8 KB 44ms
43ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3026.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8084ba0a6b770ebad7c2008062cce2addda48238bae32f6b720766072ed2937b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 31493
etag: "-935802188"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace0c00c6741cd-EWR
content-length: 7812

GET
H2 200 / Show response
e.dtscout.com/e/ 7 KB
4 KB 402ms
233ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4660281.php?4660281&@f16&@g1&@h1&@i1&@j1706147557763&@k0&@l1&@mPASUKAN%20ANTI%20DEPO%20%E2%80%93%20PREDIKSI%20ANGKA%20JITU%20WLA%20HARI%20INI&@n0&@o1000&@q0&@r0&@s3026&@ten-US&@u1600&@b1:-169499835&@b3:1706147558&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fsky.pasukanantidepo.shop%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e2b708ffcf110a8eb87cbb4e6b3432f0a683b1aa0b3ca58ba5eb9d90a4b565

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:38 GMT
x-t: 0.26
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTNILnD7BezWyXiqFuu0Y0qZpsqJvRjE1YOHtVcAEaz2B2gqlNXCcdvhw6zLAmdaUxCzYZfcMaBmH3dtFfuuIyHrZzBShZuE2CfxMfzvVazHGejOC46wzwUWptRKivks%2BDq%2FCYiHUGIz2Zg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace0c119918c15-EWR
expires: Thu, 25 Jan 2024 01:52:37 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 943c6368a5480cf4d817121a274cfee0d86b65414ac092b208bd2f256bfac2d5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 style.min.css
bolo.treksantuy.xyz/wp-includes/css/dist/block-library/ Frame D5AB 107 KB
15 KB 856ms
849ms Stylesheet
text/css 2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 23:50:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmXS3AKC0egubekncHM7jKKnnF87DNPqPaggT9u9LW%2FjaXC4doVHRdShQZY5vcNoRzPfiakCCitkjAJYnn%2FyX1QZD%2Fsb0zZNKo2E03dq%2FVoQ5RsvBtCeHzF5z26sBmZuOjLYM%2FZ%2BcX8Tik2jdmMflcCg"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c31fa9c34b-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D5AB 9 KB
1 KB 229ms
54ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 01:52:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jan 2024 01:52:39 GMT

GET
H2 200 genericons.css
bolo.treksantuy.xyz/wp-content/themes/frontier/includes/genericons/ Frame D5AB 28 KB
16 KB 44ms
39ms Stylesheet
text/css 2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.3
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 07:26:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 123989
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijrhqUjbEbk6WyVXbPYqc%2BSZgq6GpQEO%2BWB3BLTHf7l2mnapFz18jVxkeha7rAIluqhIiMzP%2BTCobsNOivUd6zoz0E%2FqDoDi17CV4XdAaBa4FKQVAkGvJH99snGXcxPnHGofQKO%2Fp0ok7kB362x4yRFT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c31faac34b-EWR
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 15:26:08 GMT

GET
H2 200 style.css
bolo.treksantuy.xyz/wp-content/themes/frontier/ Frame D5AB 22 KB
6 KB 601ms
596ms Stylesheet
text/css 2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-content/themes/frontier/style.css?ver=1.3.3
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7261ac909063abccd2f148d068599ffff4a1b14efaef9d4d6811346195f5fe9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 17 Dec 2023 14:16:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWltpOyztrnuBdDZ6%2Fkf2CV5k23p%2FBm4N9ik05xj5MdbeavOho29JQqhMuOQwr6qF19J%2FanbzWYDYQ8gY6gg6KFZ3%2BzQrlCw1aFtPcfC0DLx7%2FenVz5PWhMuex1sburR%2BDhSXU%2FJH4E%2BSeixYfs9UCan"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c31fb7c34b-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:38 GMT

GET
H2 200 jquery.min.js Show response
bolo.treksantuy.xyz/wp-includes/js/jquery/ Frame D5AB 86 KB
31 KB 55ms
50ms Script
application/javascript 2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 23:50:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 123989
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W41oZuAkvQK%2FJUbJUSpfSrPZndPyA03seV3ggUdHFhK3TcU8WfOXyglDIL4gzFVUox69sw1XW6valTerAqxI%2Bo51u9HEeuwfFIFK2AMLIv4Np4k4%2Bi5GY%2FsOhJ24d0PhSL7kVHMij28ScxGao8%2BgZyut"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c31fb8c34b-EWR
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 15:26:08 GMT

GET
H2 200 jquery-migrate.min.js Show response
bolo.treksantuy.xyz/wp-includes/js/jquery/ Frame D5AB 13 KB
5 KB 599ms
594ms Script
application/javascript 2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 02 Oct 2023 10:08:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjzLabDEwWA%2BcIolm2%2BsBWcNB82ebM44FYOUVUGGP83JkzSxDeuQMUCPNBOkRGfzYrNKZInsf24VzlBjyHLq%2B%2FdZnou92N4aACDeCQQ9kB55SUB1z42P4vM0YMvnzcRCA8qQAf8n34DmRqbyoTMDfdrt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c31fb9c34b-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:38 GMT

GET
H3 200 wp-emoji-release.min.js Show response
sky.pasukanantidepo.shop/wp-includes/js/ 18 KB
5 KB 354ms
353ms Script
application/javascript 2606:4700:3034::6815:312f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:312f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Feb 2023 12:53:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpbZCBdUtoTn62UQocb9NFaF0GkkXS6p4Ng5sQbLS956wKm9yKxxeEsW0YVPrzogadvK8isInxQtGFtF0jXHR9bfzHZ6xxQ%2FoVSTSrSJhAwdKnnJ7fnHbTiBLYNVyFv%2BunRc1FCxRTx2oVurAT8lAkOorcOynS4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c39d9842f4-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:38 GMT

GET
H2 200 style.min.css
king.laskar2d.xyz/wp-includes/css/dist/block-library/ Frame 56C5 107 KB
15 KB 885ms
880ms Stylesheet
text/css 2606:4700:3037::ac43:84cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:84cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 21:21:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGNQwoMnJfUlYiXr1fG2GmukP7Yng2WDUbizojRdEAnXjRcqL0V9jRFv7KTJk5gJFb8emf14iHx52LJZ4%2Bfm0%2BW3qcIxWioflpJjAY4w7rwmh2zg3DP%2F5Z3H5%2B4bYD%2BFadxONsI76EbboiZ6nXejSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c3af08c3ff-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:38 GMT

GET
H2 200 sidebar-login.css
king.laskar2d.xyz/wp-content/plugins/sidebar-login/build/ Frame 56C5 2 KB
755 B 587ms
583ms Stylesheet
text/css 2606:4700:3037::ac43:84cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1688220023
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:84cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQusMo3ugJfhOzMoXH6J95acOlO83%2Fz0YQmBJLmnZwgr10LDqy8iBi5zrVMFAqbhYEVOTeQxMP%2BzSgbRQ96ZD5slWL6KWg4N4eR7Nj7Le1CTVD4DE3XoQQrR%2F4eRWDgK3aCM81s7Ce%2FuT3JrgIBPJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c3af0ac3ff-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:38 GMT

GET
H2 200 style.css
king.laskar2d.xyz/wp-content/themes/asteroid/ Frame 56C5 28 KB
8 KB 623ms
619ms Stylesheet
text/css 2606:4700:3037::ac43:84cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-content/themes/asteroid/style.css?ver=1.2.9
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:84cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 26 Aug 2023 13:42:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3AtdhuDfm4CWgUUZqbEwygOc%2BqQly8YXew5s5ewCfpaE%2Bz%2FIdVFMV6YGK5CdnqRh9IBH9WxMg5efFORUs1%2B%2Fdio3OL2B6BovVSdXb1rgD799E3Fi4v0M%2FpLFJxc%2FRt5wZQMFqho1lb2t5DTdSoAAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c3af0bc3ff-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:38 GMT

GET
H2 200 jquery.min.js Show response
king.laskar2d.xyz/wp-includes/js/jquery/ Frame 56C5 86 KB
31 KB 885ms
881ms Script
application/javascript 2606:4700:3037::ac43:84cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:84cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 21:21:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0YJDAuqovmLHIqMfoUG%2B%2F8f0X3MFXD8LI1E2yZGIdgnNWX994i2ZDlncMEm04S1TbTLAboGGp9XHWjM8sn6QB90YpP%2FriUQ86HZdTVPB1%2FFaqiGVd5Vh0pzhLal3u5yAvpyibQfN5W1Z0sf8dP0bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c3af0dc3ff-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:38 GMT

GET
H2 200 jquery-migrate.min.js Show response
king.laskar2d.xyz/wp-includes/js/jquery/ Frame 56C5 13 KB
5 KB 621ms
618ms Script
application/javascript 2606:4700:3037::ac43:84cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:84cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Aug 2023 21:06:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKwsK6YCZ8GqSkgoEI19IYZdgtf2BfrtdaYmpODYlUxUJpfkpoOpUoH9fKDi5%2BdTqj8irUHvY0Ys8LVv9Tr5HR4JXag4QeoEfkxSFUk4Iw04jwuR408WOhYceABDSvm2ui3n8wGlhfXdxgOALrp3%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c3af0ec3ff-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:38 GMT

GET
H3 200 840x120-jabrix.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 5 MB
5 MB 188ms
185ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/840x120-jabrix.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2ef8819c623f045339c8a2ffe8b442801765e1245b634c5bc8246b4fbd67a395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:38 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Nov 2023 17:22:29 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4858923
expires: Sun, 11 Feb 2024 09:12:08 GMT

GET
H2

200

/
bolo.treksantuy.xyz/ Frame 56C5
Redirect Chain

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg
https://bolo.treksantuy.xyz/

0
0

754ms
754ms

Image
text/html

2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Thu, 25 Jan 2024 01:52:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3mOl6NJCLuNAPh3dEOF13LqmiIFwyoK9TJPqnuH%2FtwBPLBumixAkgN9iKZ5VjndcWZO4CeuDz1%2BH9mOXxiSABgVzOP0vNTF7M8mvzrkbxAshNyeMNL3EGH9LsdHDrHETc9BzyhCMyYrR8dr%2BaAoCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://bolo.treksantuy.xyz
cache-control: max-age=3600
cf-ray: 84ace0c3a888c34b-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 02:52:38 GMT

GET
H3 200 unnamed-1.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 205 KB
205 KB 378ms
377ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-1.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bfcef82755bac56e01032d196dc587e851fcfb9a2a1882c7e283b9ea451a17a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:46:35 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 210028
expires: Mon, 12 Feb 2024 10:35:33 GMT

GET
H3 200 unnamed-3.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 224 KB
225 KB 383ms
381ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-3.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7e78ac302ebdef9842d5c628cef762ed1ad4b9650dd4915810cbf3cdaa86010c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:48:07 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 229818
expires: Sun, 04 Feb 2024 06:51:54 GMT

GET
H3 200 unnamed-22.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 292 KB
292 KB 386ms
375ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-22.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d30f436b9752f07747f2b72cc77985554918de4f9b5e74c65271c89e3b1501b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:19:02 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 298675
expires: Tue, 06 Feb 2024 06:20:20 GMT

GET
H3 200 unnamed-5.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 362 KB
362 KB 391ms
381ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-5.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

87d3abed87820941c3f8f4d8cc01563a8ef74d7886c948b9b0da3e3929bfce92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:51:53 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 370255
expires: Mon, 29 Jan 2024 17:58:49 GMT

GET
H3 200 unnamed-6.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 507 KB
507 KB 400ms
389ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-6.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ac6002b55a7bc33de07da0fc1391dbd8b61598823a7768591aed4b0e4a5e421a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:53:48 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 519311
expires: Thu, 01 Feb 2024 13:36:16 GMT

GET
H3 200 unnamed-7.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 528 KB
529 KB 427ms
416ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-7.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

06710711e7517c22412aa923d472e9cce857b02605e4c0049cdc7edb666a132c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:55:47 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 541175
expires: Thu, 01 Feb 2024 12:45:20 GMT

GET
H3 200 unnamed-8.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 355 KB
356 KB 426ms
415ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-8.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6ee5599420176d6c73cb80505f7d287e527d903336f0cfb2348ace130fb7d6f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:57:28 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 363774
expires: Fri, 02 Feb 2024 21:18:28 GMT

GET
H3 200 unnamed-28.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 328 KB
328 KB 434ms
424ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-28.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8ac1e08581c5691d74fb1a69b925f400e14db93ddc9451db0b72456e4af3a2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:21:13 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 335785
expires: Mon, 12 Feb 2024 15:00:38 GMT

GET
H3 200 unnamed-27.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 289 KB
289 KB 436ms
426ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-27.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5cdf948f65cf951821da557dc5b8cc9067c64589070285feab8aa6f7c64657e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:18:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 295549
expires: Tue, 30 Jan 2024 10:59:57 GMT

GET
H3 200 unnamed-26.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 262 KB
263 KB 464ms
454ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-26.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dbd4ea5e26cff619ebe31130ce16126cdcaff265a697139b20c80a960954832f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:17:49 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 268554
expires: Sat, 27 Jan 2024 19:14:15 GMT

GET
H3 200 unnamed-24.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 228 KB
228 KB 465ms
456ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-24.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7e22819d3433cfdb5d3f848fee01b7cccc863970901de5efa3e80a7eadbd48c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:12:30 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 232980
expires: Wed, 21 Feb 2024 11:31:06 GMT

GET
H3 200 unnamed-25.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 693 KB
693 KB 477ms
468ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-25.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e31a5516051e3dcd6be48ada99dbf2d270db37dd3a304fded21e105f6c733bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:12:47 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 709526
expires: Sat, 27 Jan 2024 08:23:41 GMT

GET
H3 200 unnamed-29.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 193 KB
193 KB 523ms
514ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-29.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2388f1b8ef95668322254f1ae8523c148beceddccd6e239bd683281835e1180b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:21:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 197657
expires: Mon, 05 Feb 2024 21:03:21 GMT

GET
H3 200 unnamed.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 250 KB
250 KB 517ms
508ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5ce581a1bb3ae65bd553d034f9d5973dd8af7f856d2bd5efa095ed41cee7f949

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:44:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 256150
expires: Thu, 15 Feb 2024 13:06:36 GMT

GET
H3 200 unnamed-10.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 270 KB
270 KB 480ms
472ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-10.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9c5106cfc1835d6213c497eb31fd0b3f034a3630a33fd51ed1f020f370034b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:31:01 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 276544
expires: Sat, 10 Feb 2024 18:12:52 GMT

GET
H3 200 unnamed-11.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 247 KB
247 KB 489ms
480ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-11.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f564100347e9b3cc6448108ae2837d97eb49d3009154452879c4a146dd482183

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:32:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 252743
expires: Sun, 11 Feb 2024 14:05:02 GMT

GET
H3 200 unnamed-12.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 282 KB
283 KB 515ms
506ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-12.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

79980af9382b2ed28478d04a6b7e7119b4a3b4cf055978bf0bcf7fbe74a3136f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:33:50 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 289127
expires: Fri, 16 Feb 2024 22:13:10 GMT

GET
H3 200 unnamed-13.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 514 KB
514 KB 525ms
516ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-13.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dc887f124f649e95762713f34c6e7d8ef383571f6a354d916964732b1950664a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:34:55 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 526000
expires: Sun, 11 Feb 2024 01:50:47 GMT

GET
H3 200 unnamed-14.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 291 KB
291 KB 564ms
556ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-14.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

efb8d3fc8b90b38cbc75cb3f22e313a370f0eada11e7eba19e8047c6f60943dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:35:54 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 297540
expires: Tue, 06 Feb 2024 19:30:34 GMT

GET
H3 200 unnamed-9.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 194 KB
194 KB 570ms
562ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-9.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

42e792c4264f30663f715f0019025df6c67066e834c8c36298e9a96fdc8cd038

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:27:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 198395
expires: Mon, 12 Feb 2024 22:33:45 GMT

GET
H3 200 unnamed-15.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 388 KB
388 KB 574ms
567ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-15.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4111d0de448c0dbbb0dc170a0e580da1029ac1fe68de77d330b41ba1cbc4d0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:37:53 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 396918
expires: Tue, 06 Feb 2024 18:52:34 GMT

GET
H3 200 unnamed-16.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 326 KB
326 KB 596ms
588ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-16.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a6a3283156db24254aec7fe7b93f88ef8193a0b61d31056cb5bb210617dcd626

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:39:46 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 333383
expires: Mon, 26 Feb 2024 08:44:51 GMT

GET
H3 200 unnamed-17.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 312 KB
312 KB 597ms
590ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-17.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2689ac2a7453661922762dcd23b84bda4ef74a05c9c3740f817f411af2f6084c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:41:12 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 319266
expires: Wed, 07 Feb 2024 01:41:58 GMT

GET
H3 200 unnamed-18.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 188 KB
188 KB 604ms
597ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-18.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7380c39ec1fbcf6ff16ff145bd0ed5033c2b84b41270dae4b05a327a19ba9e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:42:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 192555
expires: Sun, 28 Jan 2024 07:29:10 GMT

GET
H3 200 unnamed-19.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 280 KB
281 KB 610ms
604ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-19.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da6d3195e96bfbfe1cecd660de92fe05a71437900b1dff539a9d6f5e45c28277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:43:23 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 286968
expires: Tue, 20 Feb 2024 13:23:07 GMT

GET
H3 200 unnamed-20.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 351 KB
352 KB 614ms
607ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-20.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0f1e4f7008ccffa6948dbcc9eb98f7356a0f3e7bbf0d87a77289820eaa8027e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:44:24 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 359746
expires: Tue, 06 Feb 2024 10:24:45 GMT

GET
H3 200 unnamed-21.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 56C5 265 KB
265 KB 627ms
620ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-21.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f7bc1b794480ca073b0a3ff2bdfdd6d5171458d2828ea18e4b80edb151f2289d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:45:42 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 271048
expires: Thu, 25 Jan 2024 10:31:27 GMT

GET
H/1.1 200
OK 4794504.gif
s4is.histats.com/stats/i/ Frame 56C5 1 KB
1 KB 264ms
120ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4794504.gif?4794504&103
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: 118de8cf537f918fddebc1a3e05e71080d7b4bf810fa9b1f21870de27c89ac69

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:40 GMT
Connection: close
ETag: -844068662
Content-Length: 1037
Content-Type: image/png

GET
BLOB 200
OK f0fc4d71-c595-4c22-b30f-96439bde48bd
https://bolo.treksantuy.xyz/ Frame D5AB 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bolo.treksantuy.xyz/f0fc4d71-c595-4c22-b30f-96439bde48bd
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame 81B9 1 KB
801 B 219ms
208ms Document
text/html 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=51A0170614755864712164A73D22398F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbb819b3d7b809e1b07a1ab6a3d0e87b89d4fe432d06defa2330a27d905ecace

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 84ace0c40cc68c15-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:39 GMT
expires: Thu, 25 Jan 2024 01:52:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSnjQS9HdVvMp3RIb6WL%2F2SRogZ8Yr7rPYowMWG6n11SCeXhopiwuSv7881oxxXN2NguJkY3mTg5xEHeWM0HLA2k73BelKxiZPrvWGIUjXhgKoiTtojmvUrH82GZ1FaF95TD0NxXLmwx8HE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 33 KB
11 KB 905ms
62ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70514
x-amz-cf-id: WCPI55xmgDvUBWaH8uyoORs6TqZo_u6feVqwRGjbvHs_J9low5vtOQ==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 927ms
87ms Script
application/javascript 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

e049b42df046beda51f4dd4bd24484e0f94e12e60e2a419e48cf33dcc442c1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:39 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 19 KB
6 KB 897ms
58ms Script
application/javascript 104.18.34.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 15:08:56 GMT
server: cloudflare
age: 72948
etag: W/"651ed188-4c00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 84ace0c939d96992-PHL
expires: Sun, 28 Jan 2024 01:52:39 GMT

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
350 B 232ms
221ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=sky.pasukanantidepo.shop&_ss=4i29c2cse4&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=2unh&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d75b0bb363405bfd9ea9fa89ac607b4620e127017507e8d532607eab88267304

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
x-t: 0.12
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tE0cEYhSlrBsRoGpVFp5mtMuBITkjwnr%2B0j57Cz2IqZ4oycHZHF9Up%2BqX6pFGMl5yn583rlmMFk85gvullTQVRtxG6Gc5uNdfiptszM9U7B%2FT0sDwuimGp9AVEaHc%2BuItsZGsOuby0wHPDM%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace0c41cdd8c15-EWR
expires: Thu, 25 Jan 2024 01:52:38 GMT

GET
BLOB 200
OK 1706cd09-9cfd-48f2-8894-0c431188e455
https://king.laskar2d.xyz/ Frame 56C5 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://king.laskar2d.xyz/1706cd09-9cfd-48f2-8894-0c431188e455
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 wlatogel88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame D5AB 2 MB
2 MB 124ms
123ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/wlatogel88-728x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

574c654adc51059882c66279ee0d42eb585735d5a2bc8cb010f1e91eb04e483f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:30 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1592720
expires: Tue, 27 Feb 2024 02:39:36 GMT

GET
H3 200 kaisartoto88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame D5AB 1 MB
1 MB 126ms
125ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/kaisartoto88-728x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

217bcf44778fff8fe41a593c79e0c86edd524460f7618f12e132566d17fd5b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:51 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1415984
expires: Thu, 15 Feb 2024 03:37:55 GMT

GET
H3 200 indolottery88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame D5AB 1 MB
1 MB 190ms
118ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/indolottery88-728x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a67688ddcf966aaf218b1f154d3830ad065e23ef063d71b4f96436ab9a717a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1417070
expires: Tue, 27 Feb 2024 00:44:14 GMT

GET
H3 200 dunialottery88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame D5AB 997 KB
998 KB 194ms
123ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/dunialottery88-728x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fa7337e4bc30dd3db3861c272a32f98911b0bbf1a60557e0f124ba2713f35fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:57 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1021153
expires: Fri, 23 Feb 2024 22:10:23 GMT

GET
H3 200 7meter_gif-banner_prediksi_728x90.gif
antoboomerblog.files.wordpress.com/2023/12/ Frame D5AB 120 KB
120 KB 202ms
131ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/12/7meter_gif-banner_prediksi_728x90.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d80f6523545dad74a52c6afbc2db2210fa1418e86cdf000233c482e199ed8b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Dec 2023 05:00:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 122788
expires: Wed, 31 Jan 2024 23:20:36 GMT

GET
H3 200 728.gif
bolo.treksantuy.xyz/wp-content/uploads/2024/01/ Frame D5AB 4 MB
4 MB 1178ms
1115ms Image
image/gif 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/wp-content/uploads/2024/01/728.gif
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d771c7db362c1697c04dbb3e24720ad5ef4c73f75daaeedc4e1b1fe640509bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
cf-cache-status: MISS
last-modified: Tue, 23 Jan 2024 11:02:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pelDth6ipO2oXhq1pqO1XbPNwJwkYuILyLyQ9DF2L3jey7acfjWuEAvHl6o3IFduAGXrEtKKUTc3Ap8tICFNcqLvPL046aDFZEZFKwTg9kqZ1fK%2FJiafeFL09CftwjHLe4J8JpqulSBzoiaW5YzIzJC%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84ace0c92f63434a-EWR
alt-svc: h3=":443"; ma=86400
content-length: 4392563
expires: Thu, 01 Feb 2024 01:52:39 GMT

GET
H2 200 close.gif
4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/ Frame D5AB 2 KB
3 KB 122ms
52ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/close.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

82a61040198394ed6f9e59a3b5131bca0af02f194a690b977ea9b244d9897f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v744"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="close.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:39 GMT

GET
H3 200 indoboss6d728x90.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame D5AB 2 MB
2 MB 232ms
174ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/indoboss6d728x90.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

776bf55e5c196430c0d9bb394fdc8a37ea7a55b6e3044ae8c0815d4a3bcc542f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:38:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2431527
expires: Fri, 09 Feb 2024 02:21:29 GMT

GET
H3 200 microtogel88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame D5AB 2 MB
2 MB 234ms
177ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/microtogel88-728x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3e6701810a770c2cdb7710c43056f6c2422cf8c30653dd1ab209bcff5a4548e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:38:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2505021
expires: Mon, 12 Feb 2024 04:46:55 GMT

GET
H3

200

/
bolo.treksantuy.xyz/ Frame D5AB
Redirect Chain

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg
https://bolo.treksantuy.xyz/

44 KB
44 KB

1129ms
1128ms

Image
text/html

2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAxQ7Jdjj4RucFvZ9IZI%2FZUzNaBHipvgw5TdUHiXyU%2F0L4EkaRxMBrYvWzvSp%2FoaEgzj0uEJiIL%2B%2BAlZxp3pRuK%2BDK9o5QvGhrPZKysEijDVpRR4njbuxG4mLA9HfFn5IPgk0AMg162AGtEMbVjeXeO1"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c99fe4434a-EWR
link: <https://bolo.treksantuy.xyz/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 25 Jan 2024 01:52:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSZZUZwk1YkitElQg4wfXnOkFMmvlWgPhe62xVukefH4LJEWyZ%2FODXcVwlYUgaQ1W7%2FtU%2B2%2BBCcmAuOIpSHhozJLaBdr2dOXPIz606UwICJAUqJWVwJnA73F%2FaMxbk71rwiybfeK5vO8RTswsuLiFw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://bolo.treksantuy.xyz
cache-control: max-age=3600
cf-ray: 84ace0c92be943c3-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 02:52:39 GMT

GET
H3 200 hknalo-729x90-1.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame D5AB 105 KB
106 KB 856ms
804ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/hknalo-729x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

daf9a29faaa9b5a3a465f3f5048a5c4a2737ca8a1af1c4e746fddbc8f9910968

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Oct 2023 12:50:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 107905
expires: Sat, 10 Feb 2024 18:03:15 GMT

GET
H3 200 new-bandarnalo.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame D5AB 100 KB
101 KB 232ms
181ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/new-bandarnalo.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fffe2bbb1e6c64b3540176029b620af1fcbbc30861c94299b895760b80cd7357

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Oct 2023 12:37:19 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 102622
expires: Mon, 05 Feb 2024 20:52:18 GMT

GET
H3 200 paitowarna.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame D5AB 156 KB
156 KB 287ms
241ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/paitowarna.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8a68e4e1e0faf5cec1082b25b95f4d820985fda95177b826e7c16a70f5afae19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Oct 2023 12:35:44 GMT
server: nginx
x-orig-src: 0_mogiad
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 159643
expires: Sat, 24 Feb 2024 06:07:08 GMT

GET
H3 200 729x90-animated-1.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame D5AB 327 KB
327 KB 290ms
245ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/729x90-animated-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e3778a72114f13a5b18b9d25df758bfbf0d55bf442ba5c9007b96593d959b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 22 Oct 2023 12:16:32 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 335048
expires: Thu, 25 Jan 2024 15:20:51 GMT

GET
H3 200 729x90_agennalo.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame D5AB 327 KB
327 KB 984ms
938ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/729x90_agennalo.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f017d1630a163790465f348b29d4721facb1d4353e695dd730b869e28e4bcd3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Oct 2023 19:28:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 334612
expires: Wed, 31 Jan 2024 13:26:16 GMT

GET
H3 200 840x120-jabrix.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame D5AB 5 MB
5 MB 983ms
939ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/840x120-jabrix.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2ef8819c623f045339c8a2ffe8b442801765e1245b634c5bc8246b4fbd67a395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Nov 2023 17:22:29 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4858923
expires: Sun, 11 Feb 2024 09:12:08 GMT

GET
H/1.1 200
OK 4789234.gif
s4is.histats.com/stats/i/ Frame D5AB 1 KB
1 KB 205ms
91ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4789234.gif?4789234&103
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: 6e1368baafba1ee14412488bb7814ced3980e0cd97393d173c4114f28a02bd7c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:39 GMT
Connection: close
ETag: 1748767618
Content-Length: 1236
Content-Type: image/png

GET
H3 200 ibetwin_gif_400x400.gif
antoboomerblog.files.wordpress.com/2023/12/ Frame D5AB 1 MB
1 MB 371ms
343ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/12/ibetwin_gif_400x400.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

730412109bc24c266a27e4c2248182c8952c1ec999199851413a1779cd7d0ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Dec 2023 05:13:14 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1280443
expires: Tue, 27 Feb 2024 00:44:43 GMT

GET
H3 200 jquery.modal.css
bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/css/ Frame D5AB 823 B
810 B 670ms
600ms Stylesheet
text/css 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Jul 2023 07:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HzXv7UWHfZmAuW5lHfaRrlmko74mD1sHjJZTpMwOsjoMm9yYRulLZ6sp2Xv%2B7A4x2TDbZDSu1UIowd1jUcZSszOCM5vVByEtvBUi4aLH1wtiDEz8m0D6HVYeIWrhGTbYIj8pCoQjir8ForzdeLYN6RV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c92f5b434a-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:39 GMT

GET
H3 200 popups.css
bolo.treksantuy.xyz/wp-content/plugins/uji-popup/css/ Frame D5AB 2 KB
1 KB 681ms
612ms Stylesheet
text/css 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/css/popups.css?ver=1.0
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Jul 2023 07:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zzqZtWpCYTAOKTf0tSJQpETFkGdGi7VGQXJZdEf6AJjS0ye3ErWEiQ8jWDUU0S5j20PAdK3DwyzWs5VnrVNuHMbwEs1y8Cy5utspe%2F9VZkUyUyShSiyQb4HgLTea5gOTIxMO65BO9yDixQRTLsHFjLw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c92f5c434a-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:39 GMT

GET
H3 200 email-decode.min.js Show response
bolo.treksantuy.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame D5AB 1 KB
1 KB 104ms
39ms Script
application/javascript 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolo.treksantuy.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Jan 2024 15:56:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65aa9bb3-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZcM6aKZawB9w%2Fdh1SRNi63pmg9bRSYAREXoDG5BjlO%2FBJ37H18nxS4GES006nUxEufVQhQxqIlEeMRPspsUt%2FsRoot1K9%2BM%2Bk%2BPbE3OrXuj8P4O%2B4HBm%2FKAKEd9Tf30EaxXCw7HF5SdL%2BBelDmFGtV%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84ace0c92f5e434a-EWR
expires: Sat, 27 Jan 2024 01:52:39 GMT

GET
H3 200 jquery.modal.min.js Show response
bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/ Frame D5AB 4 KB
2 KB 665ms
600ms Script
application/javascript 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/jquery.modal.min.js?ver=0.5.5
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Jul 2023 07:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PramVS3a6cfcvcRHt1qVdzBtYepiVXc%2BJhiY1gHHedShTU60BLy1lDtRA9DPqyxRkh4s2tI2h6gCz9WTgJh5OWuOxoUU8bIa3C8euk%2B0qI3fnT9wbZYLk%2Fi82LCIliz8wjx8wkjk2THqIHBJa05ZdFs9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c92f5f434a-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:39 GMT

GET
H3 200 popups.js Show response
bolo.treksantuy.xyz/wp-content/plugins/uji-popup/js/ Frame D5AB 2 KB
1 KB 661ms
596ms Script
application/javascript 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/js/popups.js?ver=1.1
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Jul 2023 07:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAixuAipiqTd6TiuK9X2xtDp7giX4qmmJ8EmSt5Swf7u3nREZFPNtBSKZ5JMw%2BZM9B4vKZZo3NwoXvub7TpHk04jiPFa4ff0ovNJca5OMBbWSSOXGyMXw2OzI%2Fu%2BYYrwq6ZARI1cy%2FyfFXm6rj9%2B0Wf4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c92f62434a-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:39 GMT

GET
H3 200 email-decode.min.js Show response
king.laskar2d.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 56C5 1 KB
1 KB 40ms
29ms Script
application/javascript 2606:4700:3037::ac43:84cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://king.laskar2d.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:84cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Jan 2024 15:56:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65aa9bb3-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfnHNYQfN6VfE93MAMKTso%2BMmgQ%2BmDKk%2BAsym6oFJYG3hKNv07R8VB9B0HzrR%2FFc8h%2FzLIXgmZydhvRRkb3D80yhITIcOlVc6A01T7QiyVAHFdpyJpRHf1e7Bz8wvCjN4Z0UUSdKvjEDjYLD%2BET9SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84ace0c9cf8e424a-EWR
expires: Sat, 27 Jan 2024 01:52:39 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
king.laskar2d.xyz/wp-includes/js/dist/vendor/ Frame 56C5 8 KB
3 KB 62ms
51ms Script
application/javascript 2606:4700:3037::ac43:84cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:84cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 23:16:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 286763
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaAD9xFV%2FhfhKPNAoWvaWUQPligNNZicCt5msSmne761NPB1Js%2FpAZprT90Tapo1hC8piVQmVca04GhUr%2Bi%2FRwRRPCp%2FZELTl6mjqEFMbkv0bIg7xZo%2FkhmT0zAkYzdHKWGdBF7ykry%2FIFpQp055UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c9cf93424a-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 18:13:16 GMT

GET
H3 200 regenerator-runtime.min.js Show response
king.laskar2d.xyz/wp-includes/js/dist/vendor/ Frame 56C5 6 KB
3 KB 63ms
52ms Script
application/javascript 2606:4700:3037::ac43:84cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:84cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:21:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 286763
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kuxB7hmoLunSNEzaP6rtklSh6rPcnmrgHYuLMwMjWcVe3NfLdD4CY7%2FWtulUS0%2BI%2FVPsT13xaP8%2BRq5ANtmUcL5%2FXnhbZJ1N5dnQFZbRCOBjbdThQcHTTRPmh4G%2BFoOytkfLHbzf8%2BS%2FGENXN1Olw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c9cf94424a-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 18:13:16 GMT

GET
H3 200 wp-polyfill.min.js Show response
king.laskar2d.xyz/wp-includes/js/dist/vendor/ Frame 56C5 112 KB
36 KB 78ms
67ms Script
application/javascript 2606:4700:3037::ac43:84cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:84cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:21:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 286763
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adOW4y44CrWihlS2K1oTbS6Ri2bBPjADZj%2Fm3QulDYJbjgCk9KsAghtP8vjGKjLinu8roTPT1qof8FyX6jBkmXmWuJ2iTKCvT6l7l4JWRRMb3wZAigUjqYZe8J2%2FUskDBc6eJa8te3dyOYhKzKl1jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c9cf95424a-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 18:13:16 GMT

GET
H3 200 frontend.js Show response
king.laskar2d.xyz/wp-content/plugins/sidebar-login/build/ Frame 56C5 4 KB
2 KB 62ms
52ms Script
application/javascript 2606:4700:3037::ac43:84cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:84cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 286763
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AypxCOVMC%2F3OxgXQWjH4PzGPkBFU1j3iQe2bI9gECEO2DBV3kGoPAtzSPQ%2BAjFpkfnzayRkWYONMl7Jg3aDNz1XSYdMk%2FsQHJuvYyk%2BnGzyzUoMQXvDt2npv8KevmzJia9OhbNh7e7E4p4gzXDTEQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0c9cf97424a-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 18:13:16 GMT

GET
H2 200 2b50.svg
s.w.org/images/core/emoji/14.0.0/svg/ 554 B
653 B 612ms
64ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2b50.svg

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

2bf5907894a70b877089c24817fcc65db655cfed28840aa16c8f3810cd412620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

403

ZdO9uN
momen.tm/ Frame D5AB
Redirect Chain

https://treksantuy.asia/wp-content/themes/frontier/images/honeycomb.png
https://momen.tm/ZdO9uN

0
0

401ms
46ms

Image
text/html

52.21.33.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://momen.tm/ZdO9uN
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Server: 52.21.33.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: us-ip-1.short.io
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Thu, 25 Jan 2024 01:52:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hnc4rduy1zOpprmbgk7WUWmGgM4sEnZqnYaogZiN2e285RviKnh9R05FDt4JYde6RFOS8mAdxqdZiEITroJhuKwoNTu67GEJfY5Fqbdx2GAKmZf1JhGMHiu8dSLL%2BjSgskPZlWTvXbhspgmXZxg%3D"}],"group":"cf-nel","max_age":604800}
location: https://momen.tm/ZdO9uN
cache-control: max-age=3600
cf-ray: 84ace0ca7abc4258-EWR
expires: Thu, 25 Jan 2024 02:52:40 GMT

GET
H2

200

result.php Show response
wget.angkapaito.net/ Frame A3AF
Redirect Chain

https://widget.angkapaito.net/result.php
https://wget.angkapaito.net/result.php

5 KB
776 B

84ms
83ms

Document
text/html

2606:4700:3037::ac43:b044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wget.angkapaito.net/result.php
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2497636d6c13bedc7f466897ad9690fb055dc123f481b599c9e1174a04fb17

Request headers

Referer: https://bolo.treksantuy.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ace0c9bcb50f7f-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=331xxEaF5%2F7B557stAvd2n5CwF2jrdaGaeikV4EVXUTQqJZ6L0BC6GDPNgG9HE4xo%2BzsJiJFGkyey5Q7J1V3Gx8ZEDMtFUMiHbbUpMZAUW%2FXGEn9lc%2BqIXvkH3wvBTobZ12lPkzyDE1sBp4x0PKcrcV8"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ace0c92b8c0f7f-EWR
content-type: text/html
date: Thu, 25 Jan 2024 01:52:39 GMT
location: https://wget.angkapaito.net/result.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHpslLtnEhM%2Fb6I2OayG6D%2Fv7LCMCp6QuGCmstLEpqj1Bb7uPtOZYza7%2F4gVW2OWOaUX%2FKE5UaDR96Wt7RuVYtoBGtrxt9sMbJNrmbNmmLHuCxlypEIASaJpSC%2Fdhfz%2BWJABB9unAVHOqQwxO9QvNWUbHDc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 hknalo-729x90-1.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame D5AB 105 KB
106 KB 345ms
332ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/hknalo-729x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

daf9a29faaa9b5a3a465f3f5048a5c4a2737ca8a1af1c4e746fddbc8f9910968

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Oct 2023 12:50:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 107905
expires: Sat, 10 Feb 2024 18:03:15 GMT

GET
H3 200 7meter_gif-banner_prediksi_728x90.gif
antoboomerblog.files.wordpress.com/2023/12/ Frame D5AB 120 KB
120 KB 347ms
335ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/12/7meter_gif-banner_prediksi_728x90.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d80f6523545dad74a52c6afbc2db2210fa1418e86cdf000233c482e199ed8b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Dec 2023 05:00:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 122788
expires: Wed, 31 Jan 2024 23:20:36 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame D5AB 11 KB
5 KB 66ms
47ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68096
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace0c92f5141cd-EWR
content-length: 4547

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame D5AB 50 KB
51 KB 181ms
46ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bolo.treksantuy.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:16:29 GMT
x-content-type-options: nosniff
age: 538570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 20:16:29 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 58 KB
18 KB 260ms
66ms Script
text/javascript 108.156.91.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.91.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-91-83.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 00:33:31 GMT
content-encoding: gzip
via: 1.1 9d71affbaf22baf23eab459f3d2ee77a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P1
age: 44650
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: NwO3uHWfkov14gJn0kfH5OQZPFxHHyFntbwUJhU7IsvcIi7plZHgZg==

GET
H2 200 / Show response
t.dtscdn.com/widget/ 0
603 B 299ms
107ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&r=
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
x-t: 0.85
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I49BUh6K%2ByfvVxM%2Bw5QNc2vUaDT9DR4%2FVYaY%2B8yNichudCLbbuztUPYhg8Pmeuh4oinbm1eNGvtIuIo5%2BTKGBa9fI8r3pA%2BXVir6KM%2FhxS23jDrV41EKfStIp%2F4cEHQs5hHQVgivpijLjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 84ace0ca8a4ac32b-EWR
expires: Wed, 24 Jan 2024 23:32:25 GMT

GET
H2

200

33141
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A0170614755864712164A73D22398F
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=5ba18abdb97d84a1

62 B
427 B

425ms
100ms

Image
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=5ba18abdb97d84a1
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 25 Jan 2024 01:52:40 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=5ba18abdb97d84a1
content-length: 0

GET
H2 200 / Show response
rtx.dudasoleh.lol/ Frame BBD3 53 KB
13 KB 1260ms
1087ms Document
text/html 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 9bc34104becf0f70b8d0412f899571779471946759470dda9132c7e0ab2f50da

Request headers

Referer: https://bolo.treksantuy.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ace0ca8deb78d6-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:41 GMT
link: <https://rtx.dudasoleh.lol/wp-json/>; rel="https://api.w.org/" <https://rtx.dudasoleh.lol/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <https://rtx.dudasoleh.lol/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vrKkGoufDNiAZHETBlAlLe3uZC9EUlz5k0TArqY0r3OucDj1OCBuRzKuEUgapOOeT%2FYE3IASSff3GWZVQ8wB8VUCHNe2tLRWTb4KzslglZzGbCLswBp6vPXaV56qEIAadwBMi68SZi0U45AuwpeDw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2

200

result.php Show response
wget.angkapaito.net/ Frame EF8A
Redirect Chain

https://widget.angkapaito.net/result.php
https://wget.angkapaito.net/result.php

5 KB
774 B

119ms
118ms

Document
text/html

2606:4700:3037::ac43:b044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wget.angkapaito.net/result.php
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2497636d6c13bedc7f466897ad9690fb055dc123f481b599c9e1174a04fb17

Request headers

Referer: https://king.laskar2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ace0cacde70f7f-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFZni4vHVsGn4783w%2B3XEwQgBPzdQigxXTjgK2mFh3UXRWwMNkEHC4MXFjCdItDeSMHrJlyn4p4ZWadF9iGBvClfGWveyImyqurwSAGCCfCwSEiBO0sjAf8EtsbYGPxqtLu6oENnR71zbBzT39A54zt0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ace0c9ccd00f7f-EWR
content-type: text/html
date: Thu, 25 Jan 2024 01:52:40 GMT
location: https://wget.angkapaito.net/result.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4amCpHrhCPsNLI8cDWCpUJDuRNDIw7K3nON5qYKDJU6v8D8YWuRkEWR0iZuWSZqjf%2FclJ1c0G4UTVd7mWaNSvGvrP6HtYZhsgY3lf%2F%2FrdXBczN5SlOsHOB9tGKRMxh0pM5uUNpHCqP6Ay6mBFLHCOUILJQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 56C5 11 KB
4 KB 47ms
43ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68096
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace0c9c80341cd-EWR
content-length: 4547

GET
H/1.1 200
OK 4789234.php Show response
s4.histats.com/stats/ Frame D5AB 436 B
571 B 199ms
55ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4789234.php?4789234&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mTREK%20SANTUY%20%E2%80%93%20ANTO%20BOOMER&@n0&@ohttps%3A%2F%2Fsky.pasukanantidepo.shop%2F&@q0&@r0&@s432&@ten-US&@u1600&@b1:124949390&@b3:1706147560&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fbolo.treksantuy.xyz%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: d72c8adb9972c2d7a5f2b03a917eb656dbae5266b674d46a0d7fabcb2d3d6847

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:40 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 50 B
456 B 269ms
74ms Fetch
application/json 52.84.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.18.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-18-2.ord53.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
via: 1.1 782cd53d3d23369feee6e4656bafe94a.cloudfront.net (CloudFront), 1.1 b355b23fdbed3c58c37ede4924bc4602.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P2, ORD53-C2
x-amzn-requestid: 89389945-d376-434c-ad7f-c030a57d4240
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SErEVEsKiYcEpvA=
content-length: 50
x-amz-cf-id: X93aA0gYMM1K1GElXcffy9lg5Fp4Lx1qyF9xxz02VCNUWS7TBu_jHQ==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 183ms
33ms Script
application/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.06131200856376484&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Thu, 25 Jan 2024 02:52:40 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 46ms
39ms Image
image/gif 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&event_source=dtscout&rnd=0.06131200856376484&exptid=ZHgABGWxvucAAAAJA0UvAw%3D%3D&fcmp=false

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame 56C5 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 p
ic.tynt.com/b/ 35 B
648 B 241ms
65ms Image
image/gif 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1706147560083&dn=AFWU&iso=0&pu=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&t=PASUKAN%20ANTI%20DEPO%20%E2%80%93%20PREDIKSI%20ANGKA%20JITU%20WLA%20HARI%20INI&chmob=0
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag: "4bc8846c-23"
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H2 200 / Show response
markas-prediktor.info/ Frame 2414 114 KB
26 KB 1314ms
652ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/8.1.27

Resource Hash

f8250d804246087f3cde719cfe1deafd57ec52a45a8144f2283ec93adfc56c32

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://king.laskar2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:41 GMT
link: <https://markas-prediktor.info/wp-json/>; rel="https://api.w.org/" <https://markas-prediktor.info/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://markas-prediktor.info/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27

GET
H/1.1 200
OK 4794504.php Show response
s4.histats.com/stats/ Frame 56C5 434 B
569 B 248ms
125ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4794504.php?4794504&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLASKAR2D%20%E2%80%93%20PREDIKSI%20ANGKA%20TOP%20LASKAR2D%20HARI%20INI&@n0&@ohttps%3A%2F%2Fsky.pasukanantidepo.shop%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-38906105&@b3:1706147560&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fking.laskar2d.xyz%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 322cd64275df2605f7dec93bf6895060754dcff188ce2d3f76111bf2b5822c57

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:40 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H3 200 wp-emoji-release.min.js Show response
king.laskar2d.xyz/wp-includes/js/ Frame 56C5 18 KB
5 KB 42ms
41ms Script
application/javascript 2606:4700:3037::ac43:84cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:84cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Feb 2023 12:53:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 590667
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRxgeq32d1LexCJYmLlIZAGH2cPWMKr4n%2FZheKNe2s%2FQ0ApXNzLIos0qC8yG%2FCwrPb8VJPnAA7%2BVzzq%2FGL9azwOfw8i%2BfdWTYyO6sWcM8wlqFDMJo1%2Fqfih8RtlP81u%2F1sFCQuJ6hlRB%2F13fcvtlJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0cb3969424a-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 05:48:13 GMT

GET
H2 200 cc_432.js Show response
s10.histats.com/counters/ Frame D5AB 18 KB
7 KB 52ms
36ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_432.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60753d7fdcfbff1bc5de6cfa1b1d7c4041e32257bebaa6459843f9e6e5dbe302

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 31581
etag: "1507603602"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace0cb89cd41cd-EWR
content-length: 7502

GET
H2 200 / Show response
e.dtscout.com/e/ Frame D5AB 7 KB
4 KB 210ms
201ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4789234.php?4789234&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mTREK%20SANTUY%20%E2%80%93%20ANTO%20BOOMER&@n0&@ohttps%3A%2F%2Fsky.pasukanantidepo.shop%2F&@q0&@r0&@s432&@ten-US&@u1600&@b1:124949390&@b3:1706147560&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fbolo.treksantuy.xyz%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4521820d5e41f49128cae1ad2443ac91c7a988b4b1d357e85a3ed886174c007b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
x-t: 0.238
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJUYOMJ4Q%2F%2BJSHvPOFefkuxsBe6iYXHSiTDtLNgrNszX%2BbyZq6pX3RZfZFAxvB15HKUu1Y3fgfzvxI9ZXMT0mDyqN4BncH2ljCbd1XjG7muE2isTmS3KSS8tGx8wRqBTs44%2BrbVAT%2BzfID0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace0cb9e218c15-EWR
expires: Thu, 25 Jan 2024 01:52:39 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 6450 2 KB
1 KB 41ms
39ms Document
text/html 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.06131200856376484&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Thu, 25 Jan 2024 01:52:40 GMT
Expires: Thu, 01 Feb 2024 01:52:40 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 2b50.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 56C5 554 B
652 B 38ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2b50.svg

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

2bf5907894a70b877089c24817fcc65db655cfed28840aa16c8f3810cd412620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 1 KB
2 KB 178ms
45ms Script
application/javascript 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 21b3b4b5b8768ab140b93e44750df54ad98915f2db1344442f2acd38251af9e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Thu, 25 Jan 2024 01:52:39 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 1125
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame B847 19 KB
9 KB 32ms
32ms Script
text/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:40 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Thu, 01 Feb 2024 01:52:40 GMT

GET
DATA 200
OK truncated
/ Frame D5AB 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: add3315d7a7bb82510756eb8828798744b2613a242d9388a73acc0b67b9101a9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame 56C5 16 KB
6 KB 46ms
44ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 41181
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace0ccbb4e41cd-EWR
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 56C5 7 KB
3 KB 207ms
201ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fking.laskar2d.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4794504.php?4794504&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLASKAR2D%20%E2%80%93%20PREDIKSI%20ANGKA%20TOP%20LASKAR2D%20HARI%20INI&@n0&@ohttps%3A%2F%2Fsky.pasukanantidepo.shop%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-38906105&@b3:1706147560&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fking.laskar2d.xyz%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 837b5f84ebd3725304ce3be532c2b5469366c6f934e90d5f06630165fd0f2c5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
x-t: 0.216
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KI4QyDJt0v66FgUEYPS2oU3WQR0Bi5yk9UPxooHerqv9xzRMKL2wQEGyTOQONWyzmLL0jtR3VqQRBVgC%2BaE1nvzP6jIs5z44Zl0AltPB6LFfc3Ee1SZZnhVg86kuc5ajE7f9pkYcoSe%2BwY8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace0ccbf758c15-EWR
expires: Thu, 25 Jan 2024 01:52:39 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ 5 KB
2 KB 382ms
62ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 278
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: enbOkNSoTRxPE7KIb7Z1ulEwS9o6KtGuvOii5jbdyaODnI42HY8sVg==

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame 20CD 438 B
675 B 60ms
60ms Script
application/javascript 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

7003168142ffd80ee90f12b6161defe4f8dc1c331a246ad19f4c2f5577e23d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Content-Type: application/javascript

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame B847
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=ad295b94-2022-4a08-8e14-97c9109b6633&gdpr=0&gdpr_consent=

42 B
297 B

194ms
47ms

Image
image/gif

52.95.251.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=ad295b94-2022-4a08-8e14-97c9109b6633&gdpr=0&gdpr_consent=

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

HTTP/1.1

Server

52.95.251.104 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-95-251-104.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:41 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHgABGWxvucAAAAJA0UvAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/ttd?uid=ad295b94-2022-4a08-8e14-97c9109b6633&gdpr=0&gdpr_consent=
date: Thu, 25 Jan 2024 01:52:40 GMT
server: Kestrel
content-length: 215

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame B847
Redirect Chain

https://idsync.rlcdn.com/386076.gif?partner_uid=ZHgABGWxvucAAAAJA0UvAw%3D%3D&gdpr=0&gdpr_consent=
https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkhnQUJHV3h2dWNBQUFBSkEwVXZBdz09EAAaDQjo_catBhIFCOgHEABCAEoA
https://pippio.com/api/sync?pid=5324&it=1&iv=b6c0dcdf1d0533ed072eb0723888b8febe3e6687d89c9f1c9e9821dc53357da8791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=b6c0dcdf1d0533ed072eb0723888b8febe3e6687d89c9f1c9e9821dc53357da8791426b5417dce21&rand=06973943
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=b6c0dcdf1d0533ed072eb0723888b8febe3e6687d89c9f1c9e9821dc53357da8791426b5417dce21&rand=06973943&expected_cookie=ab812ea1-ab34-46d4-9b67-09ee79a11587

0
142 B

193ms
189ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=b6c0dcdf1d0533ed072eb0723888b8febe3e6687d89c9f1c9e9821dc53357da8791426b5417dce21&rand=06973943&expected_cookie=ab812ea1-ab34-46d4-9b67-09ee79a11587
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: DEC0452C8B8B41C98A63A403610A3213 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:52:42Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu29gWCUdjpmHRHcn9A==

Redirect headers

date: Thu, 25 Jan 2024 01:52:41 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 094C2940E0DB4CC5A0D6185D04990BF3 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:52:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: /db_sync?pid=10339&puuid=b6c0dcdf1d0533ed072eb0723888b8febe3e6687d89c9f1c9e9821dc53357da8791426b5417dce21&rand=06973943&expected_cookie=ab812ea1-ab34-46d4-9b67-09ee79a11587
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu29dUeuNz0WmpVJXgg==

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame B847
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2Nys14zS3tUJpguYKxogyfIaLZPVVipH3Ciz2mV4Swmg&gdpr=0&gdpr_consent=

42 B
297 B

196ms
39ms

Image
image/gif

52.95.251.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2Nys14zS3tUJpguYKxogyfIaLZPVVipH3Ciz2mV4Swmg&gdpr=0&gdpr_consent=

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

HTTP/1.1

Server

52.95.251.104 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-95-251-104.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:41 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHgABGWxvucAAAAJA0UvAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2Nys14zS3tUJpguYKxogyfIaLZPVVipH3Ciz2mV4Swmg&gdpr=0&gdpr_consent=
Date: Thu, 25 Jan 2024 01:52:40 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

csync.ashx
ml314.com/ Frame B847
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHgABGWxvucAAAAJA0UvAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3641590338835972151
https://ml314.com/csync.ashx?fp=3b044b67ed0cdd5b032a33d62bf90f0fb994a9f252e71de705fa919b3ba1c175f4cb09cee1a4f8eb&person_id=3641590338835972151&eid=50082

43 B
124 B

72ms
61ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=3b044b67ed0cdd5b032a33d62bf90f0fb994a9f252e71de705fa919b3ba1c175f4cb09cee1a4f8eb&person_id=3641590338835972151&eid=50082
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 26 Jan 2024 01:52:41 GMT
date: Thu, 25 Jan 2024 01:52:41 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

Redirect headers

date: Thu, 25 Jan 2024 01:52:40 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=3b044b67ed0cdd5b032a33d62bf90f0fb994a9f252e71de705fa919b3ba1c175f4cb09cee1a4f8eb&person_id=3641590338835972151&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame B847
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZHgABGWxvucAAAAJA0UvAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

42 B
297 B

231ms
53ms

Image
image/gif

52.95.251.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

HTTP/1.1

Server

52.95.251.104 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-95-251-104.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:41 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHgABGWxvucAAAAJA0UvAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date: Thu, 25 Jan 2024 01:52:40 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame D5AB 58 KB
18 KB 51ms
42ms Script
text/javascript 108.156.91.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.91.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-91-83.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 00:33:31 GMT
content-encoding: gzip
via: 1.1 9d71affbaf22baf23eab459f3d2ee77a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P1
age: 44650
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: x_c_qe8FPfHn1l5Tgs_OGWWwpifFTpU4vmZJcuOESN1rj3cMYRDj2g==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame D5AB 0
441 B 59ms
50ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fbolo.treksantuy.xyz%2F&r=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
x-t: 1.03
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtxlVVcr470VPF%2F4VPml16bmvnlTTxeg0m1M%2BChqO%2BX1%2F4FFerekuz0fpykypJxZU%2FOeaGqgzKx%2FGZhh9d%2BcdtBZZ0Uq86R4fQLW3Bi2gpdQj2539%2BCZPtLJ%2FTEbmBMUZdaMgxQJEhWlWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 84ace0cddd10c32b-EWR
expires: Thu, 25 Jan 2024 00:58:47 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame D5AB 33 KB
11 KB 51ms
42ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70515
x-amz-cf-id: XYy58BzT_iybnltE2szs2W2F13bM8UZuecNXWrJq85tTMR1zmbmIfg==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame D5AB 2 KB
3 KB 52ms
49ms Script
application/javascript 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

e049b42df046beda51f4dd4bd24484e0f94e12e60e2a419e48cf33dcc442c1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame D5AB 51 B
363 B 104ms
98ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=bolo.treksantuy.xyz&_ss=11u575n9et&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=3x5w&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ead3876b9bac7950974842f46dda67ac51306ecc7f5fa9401d1c0e9497dfd07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
x-t: 0.156
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIAZsQQmiNtHL2UxM63j%2BGiIvrq2CBy1THEfO%2FTn582TU%2Fb%2FegvbnT%2BWodL%2BMVI57pp0GIvxTQ2kCwkiHUH83KWoEiWUL8WzjaEBJhfkGcNXtbXmrcONA%2FoMY6q%2FifJU3gRGU%2FaPXOukeE4%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace0cde90d8c15-EWR
expires: Thu, 25 Jan 2024 01:52:39 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D5AB
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A0170614755864712164A73D22398F
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=ad295b94-2022-4a08-8e14-97c9109b6633&icm&gdpr=0&gdpr_consent=&cver
https://spl.zeotap.com/?zdid=1332&zcluid=9a20bd7ec2f0dedd
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=70ef5265-9d4b-4115-4e37-0f205f19a105&reqId=1ac4910b-2999-4521-7f0f-4a82813c8c1d&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEPmM7KsKEtb3uffBKgRgDrc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=70ef5265-9d4b-4115-4e37-0f205f19a105&reqId=1ac4910b-2999-4521-7f0f-4a8...

95 B
165 B

169ms
130ms

Image
image/png

2606:4700:10::6816:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?google_gid=CAESEPmM7KsKEtb3uffBKgRgDrc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=70ef5265-9d4b-4115-4e37-0f205f19a105&reqId=1ac4910b-2999-4521-7f0f-4a82813c8c1d&zcluid=9a20bd7ec2f0dedd&zdid=1332

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Server

2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://bolo.treksantuy.xyz
access-control-allow-credentials: true
cf-ray: 84ace0d5ed414249-EWR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEPmM7KsKEtb3uffBKgRgDrc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=70ef5265-9d4b-4115-4e37-0f205f19a105&reqId=1ac4910b-2999-4521-7f0f-4a82813c8c1d&zcluid=9a20bd7ec2f0dedd&zdid=1332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lotame-sync.html Show response
cdn-tc.33across.com/ Frame 4872 343 B
459 B 281ms
159ms Document
text/html 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tc.33across.com/lotame-sync.html
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 244083
cache-control: public, max-age=259200
cf-cache-status: HIT
cf-ray: 84ace0cf4ef64cb1-PHL
content-encoding: gzip
content-type: text/html
date: Thu, 25 Jan 2024 01:52:40 GMT
etag: W/"651ed192-157"
expires: Sun, 28 Jan 2024 01:52:40 GMT
last-modified: Thu, 05 Oct 2023 15:09:06 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

204

/
lex.33across.com/ps/v1/pubtoken/
Redirect Chain

https://lex.33across.com/ps/v1/pubtoken/?pid=128&us_privacy=&rnd=1706147560450.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d55...
https://lex.33across.com/ps/v1/pubtoken/?pid=128&us_privacy=&rnd=1706147560450.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d55...

0
66 B

107ms
78ms

Image
text/plain

67.202.105.22
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lex.33across.com/ps/v1/pubtoken/?pid=128&us_privacy=&rnd=1706147560450.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d556%26pcat%3DBrand%2BSafety%252FMilitary%26pdev%3D%26pctry%3DUS%26referrer%3Dhttps%253A%252F%252Fsky.pasukanantidepo.shop%252F%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cache_buster%3D%24%7BRANDOM%7D%26custom1%3D%24%7BPUBTOK%7D&b=1
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 67.202.105.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-105.static.steadfastdns.net
Software: 33XP012 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status: 8
date: Thu, 25 Jan 2024 01:52:40 GMT
server: 33XP012

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:40 GMT
referrer-policy: unsafe-url
server: 33XP013
x-33x-status: 8
location: https://lex.33across.com/ps/v1/pubtoken/?pid=128&us_privacy=&rnd=1706147560450.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d556%26pcat%3DBrand%2BSafety%252FMilitary%26pdev%3D%26pctry%3DUS%26referrer%3Dhttps%253A%252F%252Fsky.pasukanantidepo.shop%252F%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cache_buster%3D%24%7BRANDOM%7D%26custom1%3D%24%7BPUBTOK%7D&b=1
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2 200 dpx
i.simpli.fi/ 95 B
553 B 212ms
70ms Image
image/png 34.86.110.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1706147560450.2&ref=
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.86.110.8 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.110.86.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:40 GMT
server: openresty
content-type: image/png; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 95
x-request-id: F610Kr5eAmjjw2XNYuOG
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dpx
i.simpli.fi/ 95 B
552 B 210ms
69ms Image
image/png 34.86.110.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1706147560450.4&ref=
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.86.110.8 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.110.86.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:40 GMT
server: openresty
content-type: image/png; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 95
x-request-id: F610Kr5ac6-HPjJq7F-C
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 wp-emoji-release.min.js Show response
bolo.treksantuy.xyz/wp-includes/js/ Frame D5AB 18 KB
5 KB 618ms
606ms Script
application/javascript 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Jul 2023 07:26:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkOcQ9s6YPseiP3pydGCyIBe6TIWSWv0MzX9TQfWX0nzvqNtMD8ImSzoUvtOw4BpCQbAerHHF43fB%2FpBQsTK%2FOHC6OsY42jTp0ciSAa7cOAqpvVXAN1S2jjZne2xZVc1VqJ%2FL0w5zpejfIOhh7iPDoIP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0ce0d8a434a-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:40 GMT

GET
DATA 200
OK truncated
/ Frame 56C5 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 56C5 58 KB
18 KB 67ms
66ms Script
text/javascript 108.156.91.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fking.laskar2d.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.91.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-91-83.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 00:33:31 GMT
content-encoding: gzip
via: 1.1 9d71affbaf22baf23eab459f3d2ee77a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P1
age: 44650
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 0CwK5J3iump69A4GNZ6iQEY9q5lj3CF83JrRMOw3kjKyykKJ1w0uZw==

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 56C5
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A0170614755864712164A73D22398F
https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=a139b9eeb307c3a4
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mk4xUkhJXzNkTXdZdExXX2lqc08yUzRpckF1SVdXRmpwczVTUUtPUjdJNzQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mk4xUkhJXzNkTXdZdExXX2lqc08yUzRpckF1SVdXRmpwczVTUUtPUjdJNzQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEMVtBeUTTzbMUOkT89_bp00&google_cver=1

70 B
440 B

55ms
53ms

Image
image/gif

34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEMVtBeUTTzbMUOkT89_bp00&google_cver=1
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: HTTP/1.1
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 25 Jan 2024 01:52:41 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEMVtBeUTTzbMUOkT89_bp00&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 56C5 0
434 B 71ms
70ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fking.laskar2d.xyz%2F&r=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fking.laskar2d.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
x-t: 3.75
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8DaqWRV1I7GBckUs9xr0VsoIwcAYwzFnuU9eY1z7JOXCvguW3RWI3eyZBQS%2BWvQ3FKVQMQ5BIwqrHUFPPEVGWWyhN%2FKcaT8wQEvCRmCx%2FGlfoXAeSgeR7b4a3s0L9wnGRdvqekxsMebbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 84ace0ce2d69c32b-EWR
expires: Thu, 25 Jan 2024 01:50:22 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 56C5 33 KB
11 KB 67ms
66ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fking.laskar2d.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70515
x-amz-cf-id: S7YVfFWYWWPjn2VpJCs8Vi6QD_TNqQdVkFWhtuyDFPhfzJcNkKPgyA==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 56C5 2 KB
3 KB 64ms
63ms Script
application/javascript 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fking.laskar2d.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

e049b42df046beda51f4dd4bd24484e0f94e12e60e2a419e48cf33dcc442c1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 56C5 51 B
333 B 223ms
223ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=king.laskar2d.xyz&_ss=4kz2zcsha5&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=4iw7&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fking.laskar2d.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 797c3f880053a4308165c199b4d9ce83c1e32dc11244b6b6d63f36c19873ad85

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
x-t: 0.122
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnXiIHQsfmehHwGMLpPTA8D0eKOsXhOjdPC475TZg2igvMR0mYqk7uK%2BcHa9KAyd7IDFF4YSIr7wmYWrNTrXW8uwsFvydBD73iyMh6uf8taLG3qCJnadpCVRDCVdQBVejoEYi8MfoBtyJvI%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace0ce29678c15-EWR
expires: Thu, 25 Jan 2024 01:52:39 GMT

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ Frame 20CD 51 KB
16 KB 241ms
68ms Script
application/javascript 23.7.64.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.7.64.229 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-7-64-229.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 25 Jan 2024 01:52:41 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Thu, 01 Feb 2024 01:52:41 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame D5AB 2 KB
2 KB 36ms
27ms Script
application/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9984336319635709&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Thu, 25 Jan 2024 02:52:40 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame D5AB 42 B
265 B 43ms
35ms Image
image/gif 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&event_source=dtscout&rnd=0.9984336319635709&exptid=ZHgABGWxvucAAAAJA0UvAw%3D%3D&fcmp=false

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame D5AB 50 B
455 B 87ms
63ms Fetch
application/json 52.84.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.18.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-18-2.ord53.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
via: 1.1 f7643b009c68e27aaeae1de9ae84fb44.cloudfront.net (CloudFront), 1.1 b355b23fdbed3c58c37ede4924bc4602.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P2, ORD53-C2
x-amzn-requestid: be8def65-331e-4231-b921-e2a7691646d1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SErEcGSliYcEPSA=
content-length: 50
x-amz-cf-id: CwWhoBNcXcO6SCZceYWbfn2r8ouXMoM5PF-KTwO0n-Gd09VUhPmMKQ==

GET
H3 200 close.png
bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/css/ Frame D5AB 4 KB
5 KB 733ms
723ms Image
image/png 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/css/close.png
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Jul 2023 07:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DV8HWlMIJQq09N%2Fyto68IR7%2BgZiOZJLNZ1h%2Bd9P8xxTRv3vMLewjUVc7DlY5lx%2FCRfJpUv6F%2Bnnq32s4PLBQsHf5PtOps8AzIm8S9Tidb9eKAUtaFpll5t%2BKrmHQ9fyrrh4GSIg%2BEBD079EIMa6NFnFX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84ace0cfcfac434a-EWR
alt-svc: h3=":443"; ma=86400
content-length: 4393
expires: Thu, 01 Feb 2024 01:52:40 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 56C5 2 KB
2 KB 37ms
23ms Script
application/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.28296063420662954&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Thu, 25 Jan 2024 02:52:40 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 56C5 42 B
265 B 57ms
34ms Image
image/gif 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&event_source=dtscout&rnd=0.28296063420662954&exptid=ZHgABGWxvucAAAAJA0UvAw%3D%3D&fcmp=false

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 56C5 50 B
455 B 102ms
96ms Fetch
application/json 52.84.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.18.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-18-2.ord53.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:40 GMT
via: 1.1 2385507f5b61fa8340ed5eafca1e99d0.cloudfront.net (CloudFront), 1.1 b355b23fdbed3c58c37ede4924bc4602.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P2, ORD53-C2
x-amzn-requestid: b36b6c67-95f7-4ae5-a7cf-527af7fc2742
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SErEcHVtCYcEhIA=
content-length: 50
x-amz-cf-id: f_aVPg1cyXqp-TmItTuKPK9Q0EB9jhGhovrAlWiBGjXr_0DdqeNr8w==

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
472 B

31ms
28ms

Fetch
application/json

63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: c76620cbca3408b460b44d17494eaacdb69f791771e952d0d55ac969d3e9a390

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:41 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://sky.pasukanantidepo.shop
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Thu, 25 Jan 2024 01:52:41 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin: https://sky.pasukanantidepo.shop
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame F854 2 KB
1 KB 48ms
29ms Document
text/html 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9984336319635709&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://bolo.treksantuy.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Thu, 25 Jan 2024 01:52:40 GMT
Expires: Thu, 01 Feb 2024 01:52:40 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame D039 2 KB
1 KB 75ms
46ms Document
text/html 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.28296063420662954&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://king.laskar2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Thu, 25 Jan 2024 01:52:41 GMT
Expires: Thu, 01 Feb 2024 01:52:41 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16311/ Frame 4872 39 KB
12 KB 76ms
46ms Script
text/javascript 108.156.91.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by: Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.91.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-91-83.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ac1ba0fd033fdc1ac6df78af8d9e9fff9430881024ca2d53430467d1c256a01

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn-tc.33across.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 15:42:18 GMT
content-encoding: gzip
via: 1.1 9d71affbaf22baf23eab459f3d2ee77a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:51:51 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P1
age: 36624
etag: W/"b054dbc49b30695b40107158fb25e846"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: HcsDCynerBhyAPpPbKBQK0cDzT2Z5JFuI9cByHba7IXp62o9tE2fTQ==

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame 28A7 19 KB
9 KB 43ms
34ms Script
text/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:41 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Thu, 01 Feb 2024 01:52:41 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame D5AB 5 KB
2 KB 73ms
47ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 279
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: mmd0JoorkKrXEbCi1CxPCOw2WEzdDZPWLRtgZEhGlo8XRu-2j5ipvw==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 56C5 5 KB
2 KB 96ms
78ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 279
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: YSgiep_smQhhUPc2HBx_zuGKRri4edVrTS_v4Cuj89cPHRfIUph58Q==

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame 1017 19 KB
9 KB 67ms
65ms Script
text/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:41 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Thu, 01 Feb 2024 01:52:41 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame 4872 156 B
616 B 491ms
48ms XHR
application/json 34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: e0f7ee4c8a10c176e17bed490589dadd0bc176264e286deecf6b4b9d1e3a89fb

Request headers

Referer: https://cdn-tc.33across.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:41 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://cdn-tc.33across.com
cache-control: no-cache
x-server: 10.40.49.220
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2

200

2981 Show response
tags.bluekai.com/site/ Frame 404F
Redirect Chain

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHgABGWxvucAAAAJA0UvAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1275.23381%26cid%3Dc010%26...
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=MCtUcW5Dd005OU9CK3Fhaw%3D%3D
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEK21h4OpnpWS6JxFLGtcpgY&google_cver=1

62 B
306 B

148ms
147ms

Document
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEK21h4OpnpWS6JxFLGtcpgY&google_cver=1
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://t.sharethis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 62
content-type: image/gif
date: Thu, 25 Jan 2024 01:52:41 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 296
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 01:52:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEK21h4OpnpWS6JxFLGtcpgY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H3 200 1f534.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame D5AB 113 B
413 B 69ms
69ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f534.svg

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

93f28a18a1df638b539f6bde99c048a50ad7b8a5643c6966a0546a0c50f7cace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 113
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2b50.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame D5AB 554 B
640 B 75ms
75ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2b50.svg

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

2bf5907894a70b877089c24817fcc65db655cfed28840aa16c8f3810cd412620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
rtx.dudasoleh.lol/wp-includes/css/dist/block-library/ Frame BBD3 107 KB
15 KB 77ms
50ms Stylesheet
text/css 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:09:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 286573
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHGg%2FSHFDQbDC5gwL6Cpaq%2F51%2Frz7t0XsCqpgRo5%2Bx1nSR7%2FHh%2FABZwpb5QHG4%2Bmbc4HZ%2BJVluqzVjFhAzpDBrOe1kUTE0RW8%2F35ILsjH6rFa0z%2BGxS74Z%2BRWPiHFhmr9%2BnR2HxcSQjLq5SM17%2BkTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0d45f9178d6-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 18:16:28 GMT

GET
H2 200 sidebar-login.css
rtx.dudasoleh.lol/wp-content/plugins/sidebar-login/build/ Frame BBD3 2 KB
738 B 55ms
33ms Stylesheet
text/css 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1688220023
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 286573
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNMhNp%2BaDHSQ9OpsaVu9cj%2Bb%2BoQTbeKeNKElDZ96MfFPNBppttCZUxncclNo1oRY2KPr533238C2e9mNO6Qp%2FjdjjdaNUe2oj%2FQgHS%2FZMiFV3RE2e99NWy3QG9Cnq7bjhooh6rtaYO8rxE0ZXtAeGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0d45f9378d6-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 18:16:28 GMT

GET
H2 200 style.css
rtx.dudasoleh.lol/wp-content/themes/asteroid/ Frame BBD3 28 KB
9 KB 58ms
35ms Stylesheet
text/css 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-content/themes/asteroid/style.css?ver=1.2.9
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 27 Aug 2023 05:59:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 124013
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPLDZ7ecgmOBKixREwyzqOUZyy%2B1HmF7VHtxrEDd2ESIckN2ofNFwhcRX%2FJIPx3Q0aKGIWCVFiSZ2p5bXRV8Ff1GMlv9nsxRyybkC%2BlaI4ILS%2FWrj7Z%2FSH3tsa%2FnRJUHQ3JCYtDGyN6rpj80SOA2Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0d45f9778d6-EWR
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 15:25:47 GMT

GET
H2 200 jquery.min.js Show response
rtx.dudasoleh.lol/wp-includes/js/jquery/ Frame BBD3 86 KB
31 KB 60ms
38ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:09:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 286573
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnfRVpO5rmIu3gLHPScf6wcAbRA%2Bom4LBhsaHIRfLy%2Fc2%2Fr2EsbuUpvGyJEjPCufco%2BqFT%2FQk64PDVXrknEMzG%2Flzt5flHi%2BTAx9YX%2BHPmWuyAzk0LVMSaTf3bbBzCa1QGMYUd%2BgmjpwjjWS1GjuDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0d45f9878d6-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 18:16:28 GMT

GET
H2 200 jquery-migrate.min.js Show response
rtx.dudasoleh.lol/wp-includes/js/jquery/ Frame BBD3 13 KB
5 KB 70ms
48ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Aug 2023 21:06:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 286573
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONA5olM0NtNSTSNvfVLj45OroH3%2BO%2BVE7PUddfQE00swGqTblMWAeEHgh8eyHtdMRFkwTQCYzL%2F36nslEdMEcNodkMWdkK8qS8uMZjDQHwxsa3QNtU%2BbbV1BB0pGpOe6yleL4RWtsKkdDKtoXDut7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0d46fa178d6-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 18:16:28 GMT

GET
H3

200

/
bolo.treksantuy.xyz/ Frame BBD3
Redirect Chain

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg
https://bolo.treksantuy.xyz/

0
0

2629ms
2628ms

Image
text/html

2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Thu, 25 Jan 2024 01:52:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4UiQjYn90rr5fTUbbXQH0eYYaqh9zhZYSiodVbtJZk6IVwS0C3ZAlpOkSqrgPeYWy6hn%2F2xcYPugfWUi0%2BbWkJ2hllXjOWv9ptbd3tDusXcrOGRzZ99dPSBpVy3jdqiKUSgu%2FNcrs2BIyQqqaKlXw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://bolo.treksantuy.xyz
cache-control: max-age=3600
cf-ray: 84ace0d44ff543c3-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 02:52:41 GMT

GET
H3 200 hknalo-729x90-1.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame BBD3 105 KB
106 KB 503ms
490ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/hknalo-729x90-1.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

daf9a29faaa9b5a3a465f3f5048a5c4a2737ca8a1af1c4e746fddbc8f9910968

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Oct 2023 12:50:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 107905
expires: Sat, 10 Feb 2024 18:03:15 GMT

GET
H3 200 new-bandarnalo.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame BBD3 100 KB
101 KB 500ms
498ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/new-bandarnalo.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fffe2bbb1e6c64b3540176029b620af1fcbbc30861c94299b895760b80cd7357

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Oct 2023 12:37:19 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 102622
expires: Mon, 05 Feb 2024 20:52:18 GMT

GET
H3 200 paitowarna.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame BBD3 156 KB
156 KB 517ms
493ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/paitowarna.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8a68e4e1e0faf5cec1082b25b95f4d820985fda95177b826e7c16a70f5afae19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Oct 2023 12:35:44 GMT
server: nginx
x-orig-src: 0_mogiad
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 159643
expires: Sat, 24 Feb 2024 06:07:08 GMT

GET
H3 200 729x90-animated-1.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame BBD3 327 KB
327 KB 527ms
503ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/729x90-animated-1.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e3778a72114f13a5b18b9d25df758bfbf0d55bf442ba5c9007b96593d959b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 22 Oct 2023 12:16:32 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 335048
expires: Thu, 25 Jan 2024 15:20:51 GMT

GET
H3 200 729x90_agennalo.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame BBD3 327 KB
327 KB 542ms
520ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/729x90_agennalo.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f017d1630a163790465f348b29d4721facb1d4353e695dd730b869e28e4bcd3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Oct 2023 19:28:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 334612
expires: Wed, 31 Jan 2024 13:26:16 GMT

GET
H3 200 unnamed-1.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 205 KB
205 KB 551ms
528ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-1.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bfcef82755bac56e01032d196dc587e851fcfb9a2a1882c7e283b9ea451a17a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:46:35 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 210028
expires: Mon, 12 Feb 2024 10:35:33 GMT

GET
H3 200 unnamed-3.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 224 KB
225 KB 560ms
538ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-3.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7e78ac302ebdef9842d5c628cef762ed1ad4b9650dd4915810cbf3cdaa86010c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:48:07 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 229818
expires: Sun, 04 Feb 2024 06:51:54 GMT

GET
H3 200 unnamed-22.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 292 KB
292 KB 564ms
542ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-22.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d30f436b9752f07747f2b72cc77985554918de4f9b5e74c65271c89e3b1501b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:19:02 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 298675
expires: Tue, 06 Feb 2024 06:20:20 GMT

GET
H3 200 unnamed-5.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 362 KB
362 KB 589ms
567ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-5.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

87d3abed87820941c3f8f4d8cc01563a8ef74d7886c948b9b0da3e3929bfce92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:51:53 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 370255
expires: Mon, 29 Jan 2024 17:58:49 GMT

GET
H3 200 unnamed-6.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 507 KB
507 KB 605ms
583ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-6.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ac6002b55a7bc33de07da0fc1391dbd8b61598823a7768591aed4b0e4a5e421a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:53:48 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 519311
expires: Thu, 01 Feb 2024 13:36:16 GMT

GET
H3 200 unnamed-7.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 528 KB
529 KB 623ms
602ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-7.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

06710711e7517c22412aa923d472e9cce857b02605e4c0049cdc7edb666a132c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:55:47 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 541175
expires: Thu, 01 Feb 2024 12:45:20 GMT

GET
H3 200 unnamed-8.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 355 KB
356 KB 640ms
619ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-8.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6ee5599420176d6c73cb80505f7d287e527d903336f0cfb2348ace130fb7d6f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:57:28 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 363774
expires: Fri, 02 Feb 2024 21:18:28 GMT

GET
H3 200 unnamed-28.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 328 KB
328 KB 652ms
631ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-28.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8ac1e08581c5691d74fb1a69b925f400e14db93ddc9451db0b72456e4af3a2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:21:13 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 335785
expires: Mon, 12 Feb 2024 15:00:38 GMT

GET
H3 200 unnamed-27.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 289 KB
289 KB 665ms
644ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-27.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5cdf948f65cf951821da557dc5b8cc9067c64589070285feab8aa6f7c64657e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:18:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 295549
expires: Tue, 30 Jan 2024 10:59:57 GMT

GET
H3 200 unnamed-26.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 262 KB
263 KB 706ms
685ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-26.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dbd4ea5e26cff619ebe31130ce16126cdcaff265a697139b20c80a960954832f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:17:49 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 268554
expires: Sat, 27 Jan 2024 19:14:15 GMT

GET
H3 200 unnamed-24.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 228 KB
228 KB 710ms
690ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-24.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7e22819d3433cfdb5d3f848fee01b7cccc863970901de5efa3e80a7eadbd48c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:12:30 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 232980
expires: Wed, 21 Feb 2024 11:31:06 GMT

GET
H3 200 unnamed-25.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 693 KB
693 KB 714ms
694ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-25.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e31a5516051e3dcd6be48ada99dbf2d270db37dd3a304fded21e105f6c733bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:12:47 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 709526
expires: Sat, 27 Jan 2024 08:23:41 GMT

GET
H3 200 unnamed-29.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 193 KB
193 KB 757ms
737ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-29.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2388f1b8ef95668322254f1ae8523c148beceddccd6e239bd683281835e1180b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:21:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 197657
expires: Mon, 05 Feb 2024 21:03:21 GMT

GET
H3 200 unnamed.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 250 KB
250 KB 785ms
765ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5ce581a1bb3ae65bd553d034f9d5973dd8af7f856d2bd5efa095ed41cee7f949

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:44:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 256150
expires: Thu, 15 Feb 2024 13:06:36 GMT

GET
H3 200 unnamed-10.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 270 KB
270 KB 799ms
779ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-10.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9c5106cfc1835d6213c497eb31fd0b3f034a3630a33fd51ed1f020f370034b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:31:01 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 276544
expires: Sat, 10 Feb 2024 18:12:52 GMT

GET
H3 200 unnamed-11.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 247 KB
247 KB 800ms
781ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-11.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f564100347e9b3cc6448108ae2837d97eb49d3009154452879c4a146dd482183

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:32:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 252743
expires: Sun, 11 Feb 2024 14:05:02 GMT

GET
H3 200 unnamed-12.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 282 KB
283 KB 3860ms
3841ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-12.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

79980af9382b2ed28478d04a6b7e7119b4a3b4cf055978bf0bcf7fbe74a3136f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:33:50 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 289127
expires: Fri, 16 Feb 2024 22:13:10 GMT

GET
H3 200 unnamed-13.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 514 KB
514 KB 2712ms
2693ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-13.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dc887f124f649e95762713f34c6e7d8ef383571f6a354d916964732b1950664a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:34:55 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 526000
expires: Sun, 11 Feb 2024 01:50:47 GMT

GET
H3 200 unnamed-14.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 291 KB
291 KB 824ms
805ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-14.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

efb8d3fc8b90b38cbc75cb3f22e313a370f0eada11e7eba19e8047c6f60943dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:35:54 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 297540
expires: Tue, 06 Feb 2024 19:30:34 GMT

GET
H3 200 unnamed-9.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 194 KB
194 KB 866ms
847ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-9.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

42e792c4264f30663f715f0019025df6c67066e834c8c36298e9a96fdc8cd038

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:27:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 198395
expires: Mon, 12 Feb 2024 22:33:45 GMT

GET
H3 200 unnamed-15.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 388 KB
388 KB 877ms
858ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-15.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4111d0de448c0dbbb0dc170a0e580da1029ac1fe68de77d330b41ba1cbc4d0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:37:53 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 396918
expires: Tue, 06 Feb 2024 18:52:34 GMT

GET
H3 200 unnamed-16.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 326 KB
326 KB 898ms
882ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-16.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a6a3283156db24254aec7fe7b93f88ef8193a0b61d31056cb5bb210617dcd626

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:39:46 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 333383
expires: Mon, 26 Feb 2024 08:44:51 GMT

GET
H3 200 unnamed-17.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 312 KB
312 KB 917ms
901ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-17.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2689ac2a7453661922762dcd23b84bda4ef74a05c9c3740f817f411af2f6084c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:41:12 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 319266
expires: Wed, 07 Feb 2024 01:41:58 GMT

GET
H3 200 unnamed-18.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 188 KB
188 KB 946ms
930ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-18.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7380c39ec1fbcf6ff16ff145bd0ed5033c2b84b41270dae4b05a327a19ba9e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:42:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 192555
expires: Sun, 28 Jan 2024 07:29:10 GMT

GET
H3 200 unnamed-19.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 280 KB
281 KB 962ms
950ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-19.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da6d3195e96bfbfe1cecd660de92fe05a71437900b1dff539a9d6f5e45c28277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:43:23 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 286968
expires: Tue, 20 Feb 2024 13:23:07 GMT

GET
H3 200 unnamed-20.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 351 KB
352 KB 979ms
967ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-20.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0f1e4f7008ccffa6948dbcc9eb98f7356a0f3e7bbf0d87a77289820eaa8027e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:44:24 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 359746
expires: Tue, 06 Feb 2024 10:24:45 GMT

GET
H3 200 unnamed-21.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 265 KB
265 KB 994ms
982ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-21.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f7bc1b794480ca073b0a3ff2bdfdd6d5171458d2828ea18e4b80edb151f2289d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:45:42 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 271048
expires: Thu, 25 Jan 2024 10:31:27 GMT

GET
H3 200 dewagg_gif-banner_prediksi_728x90.gif
antoboomerblog.files.wordpress.com/2023/12/ Frame BBD3 118 KB
118 KB 1064ms
1052ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/12/dewagg_gif-banner_prediksi_728x90.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b39b662997f28827a3d141e224cd93db44e6251335d0f0a19c5971c5f800aef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Dec 2023 05:12:44 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 120678
expires: Wed, 31 Jan 2024 20:43:41 GMT

GET
H/1.1 200
OK 4789623.gif
s4is.histats.com/stats/i/ Frame BBD3 986 B
1 KB 226ms
93ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4789623.gif?4789623&103
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: 2e0a6fc74dc393d806872f0725a2ca92af2b315067512eb5ba2b7b4f29d28f49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:42 GMT
Connection: close
ETag: 822909455
Content-Length: 986
Content-Type: image/png

GET
H3 200 wlatogel88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame BBD3 2 MB
2 MB 1005ms
994ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/wlatogel88-728x90-1.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

574c654adc51059882c66279ee0d42eb585735d5a2bc8cb010f1e91eb04e483f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:30 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1592720
expires: Tue, 27 Feb 2024 02:39:36 GMT

GET
H3 200 kaisartoto88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame BBD3 1 MB
1 MB 1019ms
1008ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/kaisartoto88-728x90-1.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

217bcf44778fff8fe41a593c79e0c86edd524460f7618f12e132566d17fd5b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:51 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1415984
expires: Thu, 15 Feb 2024 03:37:55 GMT

GET
H3 200 indolottery88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame BBD3 1 MB
1 MB 1031ms
1021ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/indolottery88-728x90-1.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a67688ddcf966aaf218b1f154d3830ad065e23ef063d71b4f96436ab9a717a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1417070
expires: Tue, 27 Feb 2024 00:44:14 GMT

GET
H3 200 dunialottery88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame BBD3 997 KB
998 KB 1036ms
1025ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/dunialottery88-728x90-1.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fa7337e4bc30dd3db3861c272a32f98911b0bbf1a60557e0f124ba2713f35fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:57 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1021153
expires: Fri, 23 Feb 2024 22:10:23 GMT

GET
H3 200 840x120-jabrix.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame BBD3 5 MB
5 MB 1058ms
1047ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/840x120-jabrix.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2ef8819c623f045339c8a2ffe8b442801765e1245b634c5bc8246b4fbd67a395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Nov 2023 17:22:29 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4858923
expires: Sun, 11 Feb 2024 09:12:08 GMT

GET
H3 200 close.gif
4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/ Frame BBD3 2 KB
2 KB 63ms
53ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/close.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

82a61040198394ed6f9e59a3b5131bca0af02f194a690b977ea9b244d9897f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="close.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
server: fife
etag: "v744"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 26 Jan 2024 01:52:39 GMT

GET
H3 200 indoboss6d728x90.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame BBD3 2 MB
2 MB 1058ms
1049ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/indoboss6d728x90.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

776bf55e5c196430c0d9bb394fdc8a37ea7a55b6e3044ae8c0815d4a3bcc542f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:38:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2431527
expires: Fri, 09 Feb 2024 02:21:29 GMT

GET
H3 200 microtogel88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame BBD3 2 MB
2 MB 1095ms
1086ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/microtogel88-728x90-1.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3e6701810a770c2cdb7710c43056f6c2422cf8c30653dd1ab209bcff5a4548e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:38:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2505021
expires: Mon, 12 Feb 2024 04:46:55 GMT

GET
H3 200 ibetwin_gif_400x400.gif
antoboomerblog.files.wordpress.com/2023/12/ Frame BBD3 1 MB
1 MB 1106ms
1097ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/12/ibetwin_gif_400x400.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

730412109bc24c266a27e4c2248182c8952c1ec999199851413a1779cd7d0ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Dec 2023 05:13:14 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1280443
expires: Tue, 27 Feb 2024 00:44:43 GMT

GET
H3 200 jquery.modal.css
rtx.dudasoleh.lol/wp-content/plugins/uji-popup/modal/css/ Frame BBD3 823 B
821 B 73ms
49ms Stylesheet
text/css 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Jun 2023 09:09:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 53314
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YTpPRdn2As5juKmvbk89i9vSMY9JjmyiSRsPmhPxGNOZ7JDn2yRCQKTKKieFceZZhdx7Ythm7%2BoPjx6s3F5crkAF7C8JYKpYYSp%2BCqP0PwfFrMe7v2%2FdikRBIY0c1IGmP77Av9XfMHZmIJt3rKfgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0d599164385-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jan 2024 11:04:06 GMT

GET
H3 200 popups.css
rtx.dudasoleh.lol/wp-content/plugins/uji-popup/css/ Frame BBD3 2 KB
1 KB 647ms
623ms Stylesheet
text/css 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-content/plugins/uji-popup/css/popups.css?ver=1.0
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2023 09:09:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eq%2BOD2JQaWmqFU0BiV8f0Pvs703I6uydQ89DrGAWjE1LNQZqMr1Sk81j2TlOFsmy7KakTik5T2fBMsT6%2B9rb7iw1KYNOK9visHKudnK9tR0KgiOMoOmoul8GPrPUiA2Kkj376SBE8YlyOfNJQrg6Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0d5991a4385-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:41 GMT

GET
H3 200 email-decode.min.js Show response
rtx.dudasoleh.lol/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame BBD3 1 KB
1 KB 67ms
43ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rtx.dudasoleh.lol/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Jan 2024 15:56:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65aa9bb3-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=896dTvUP8vxVioyioN1mQxWpqguoYQulxXMWvYKJPovKWfRkiCf0OKeppLBe9%2FyrwY7KtGSyimZet7dL4GduYisDSFYlfsS7QEVvt9e3lDFpdHKS5DCZJiS2NE7eD2%2BzbnBU0X9mL%2BiuwwsjDYq3pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84ace0d5991d4385-EWR
expires: Sat, 27 Jan 2024 01:52:41 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
rtx.dudasoleh.lol/wp-includes/js/dist/vendor/ Frame BBD3 8 KB
3 KB 75ms
51ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 23:16:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 53313
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U05%2B5Zw4%2FXQtIaSt3eIGap6RkFhRJoP%2FewRkRQ4D1NHz8WVgnkB1j7VfBbxrs%2BjFzk43lvScEVWEx4yzJD9gq66pV9TKB7dA%2BXet%2BfijyzKjaQJH%2BKho1I35Wo47JMF5tcWJcc%2BapH3bmzijqOCIcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0d5991f4385-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jan 2024 11:04:06 GMT

GET
H3 200 regenerator-runtime.min.js Show response
rtx.dudasoleh.lol/wp-includes/js/dist/vendor/ Frame BBD3 6 KB
3 KB 73ms
50ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:09:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 53313
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f47iqpFrd5gyfE442Xg2rKVbSJoy%2BLGwrbcRrdLaYbQnVOOvaphXEvagwNlOC7Ooj48AIDa2r92zlfdfvC3xO0zofMagWM9ltgEVxAU5mNqjOvVGFa1TQ5QfzGjyPPuA82fEnlb8x%2FhQSFpAKLeSew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0d599204385-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jan 2024 11:04:06 GMT

GET
H3 200 wp-polyfill.min.js Show response
rtx.dudasoleh.lol/wp-includes/js/dist/vendor/ Frame BBD3 112 KB
36 KB 96ms
72ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:09:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 53313
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZrDcWKDDUNJfDM8dUAWveLe9DLp3VxCjRDTPIcplq4oTDEN7tIuPGYaOyQaJ7FU5eT3fJU1yZHvvaygy0to7G7LHYLa4gFDg1fgHCPNX4ZZSTVQGMy%2FRb1WhKjZFXDrQnJ1nG%2BrTohaP9Ul0BZi4JA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0d599224385-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jan 2024 11:04:06 GMT

GET
H3 200 frontend.js Show response
rtx.dudasoleh.lol/wp-content/plugins/sidebar-login/build/ Frame BBD3 4 KB
2 KB 647ms
624ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDFDqYRlKz5hDjNXfMWGyahtOjFFAb892Wg7GobMswKIrkfVGubm34kDjuBgPvlEDTB%2BRSr2bukVDK3Nfl7vZ%2FV8fmQiE88fAbYp0cI92lEUux%2Fixpo%2BLLVGt7p6gGtkDV6meeX0lvE2WCqxzHuuuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0d599234385-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:41 GMT

GET
H3 200 jquery.modal.min.js Show response
rtx.dudasoleh.lol/wp-content/plugins/uji-popup/modal/ Frame BBD3 4 KB
2 KB 75ms
53ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-content/plugins/uji-popup/modal/jquery.modal.min.js?ver=0.5.5
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Jun 2023 09:09:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 53313
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMofwCFuaqEkUHbR94AxIY8BNl6QTuiUAk0b0cPgpTgSj0Dbe7ny1GbJ5EjH0BDxMLGORclifkUcQhNUq3iMH9Q7kJDLhchJIjBmIOGmTEBVelypeuf9GEexhSXLB46%2FqHmYwjeZxnojHEYTn7OJtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0d599254385-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jan 2024 11:04:06 GMT

GET
H3 200 popups.js Show response
rtx.dudasoleh.lol/wp-content/plugins/uji-popup/js/ Frame BBD3 2 KB
1 KB 80ms
57ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-content/plugins/uji-popup/js/popups.js?ver=1.1
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Jun 2023 09:09:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 335942
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJc3Swo5YXFpc7cVW6e8%2BnGbTWw59D1P5J52wGPxW%2Fd%2B%2F10w2Bt0uklp8pbyR%2B%2FMxH%2FGO0Txc48doYCq1lPnnHoLBztfwZt4cZ0DpJsMTgFqJHME0OPKcnWuAbXYD0UbrTIonAZ5rB6OGd%2FjBw342Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0d599274385-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 04:33:39 GMT

GET
H2 200 style.min.css
markas-prediktor.info/wp-includes/css/dist/block-library/ Frame 2414 107 KB
13 KB 283ms
263ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13607
expires: Thu, 01 Feb 2024 01:52:41 GMT

GET
H2 200 cwp.css
markas-prediktor.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 2414 227 B
285 B 304ms
285ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Thu, 01 Feb 2024 01:52:41 GMT

GET
H2 200 sidebar-login.css
markas-prediktor.info/wp-content/plugins/sidebar-login/build/ Frame 2414 2 KB
388 B 538ms
519ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Thu, 01 Feb 2024 01:52:41 GMT

GET
H2 200 style.css
markas-prediktor.info/wp-content/themes/asteroid/ Frame 2414 28 KB
8 KB 537ms
518ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Thu, 01 Feb 2024 01:52:41 GMT

GET
H2 200 jquery.min.js Show response
markas-prediktor.info/wp-includes/js/jquery/ Frame 2414 86 KB
29 KB 333ms
316ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Thu, 01 Feb 2024 01:52:41 GMT

GET
H2 200 jquery-migrate.min.js Show response
markas-prediktor.info/wp-includes/js/jquery/ Frame 2414 13 KB
5 KB 549ms
532ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Thu, 01 Feb 2024 01:52:42 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 2414 157 KB
26 KB 208ms
41ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://markas-prediktor.info/
Origin: https://markas-prediktor.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
content-encoding: br
age: 26461275
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-ewr18138-EWR
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 2414 30 KB
7 KB 255ms
88ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 871
age: 4991742
cdn-cachedat: 10/31/2023 18:51:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f99c225dea09fd9a1dc0298de4f8988a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84ace0d558f6431c-EWR
cdn-requestpullsuccess: True

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 2414 21 KB
8 KB 207ms
41ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://markas-prediktor.info/
Origin: https://markas-prediktor.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11977768
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-ewr18138-EWR
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 2414 62 KB
16 KB 207ms
41ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://markas-prediktor.info/
Origin: https://markas-prediktor.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:41 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7948450
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-etou8220064-FRA, cache-ewr18138-EWR
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 2414 258 KB
258 KB 1723ms
1558ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 2414 4 MB
4 MB 449ms
284ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 2414 53 KB
53 KB 3065ms
2990ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 2414 652 KB
653 KB 1526ms
1468ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 2414 397 KB
397 KB 3144ms
3086ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 2414 443 KB
443 KB 1526ms
1472ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 2414 829 KB
830 KB 1486ms
1432ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 2414 736 KB
737 KB 2688ms
2634ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 energi%20toto%203.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcd_6SbNQ99XT55xk6HragvTgvW3NLi-I_7bHLaun0Ag0vc_7f1bgivGIuKkd6pUcJ0WsvtZ_yJPnZKqHNO2sI20DsMdXzIwHnIZqYKNp_O6Z2ZkJh5JRTkAg_6udkPzJ-nYkiCtHYRXeedER6... Frame 2414 459 KB
459 KB 1932ms
1879ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcd_6SbNQ99XT55xk6HragvTgvW3NLi-I_7bHLaun0Ag0vc_7f1bgivGIuKkd6pUcJ0WsvtZ_yJPnZKqHNO2sI20DsMdXzIwHnIZqYKNp_O6Z2ZkJh5JRTkAg_6udkPzJ-nYkiCtHYRXeedER6chXzrDKr06HgvsVO7K0-ZhM7DrwlizaBFP5Rlyb9oYU/s480/energi%20toto%203.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

859fc224dfddea3a5015809ea2d6f46bd8510f039046c3c158f7c018d8f5fbab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="energi toto 3.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469976
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 gas%20toto%203.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8o2khkyJmyjeKKryUtVWCD8NYEFirgx7mWmm39piLZL0Vcbqm3XpPhtT6YhFT0sLJsuOgzSUtn86hOSSDru6sdPskLiucWb220oM-vIBTmE6jCFOsHo3xl0UwIql1KLV8IEg7sa3ULv11gzHc... Frame 2414 854 KB
854 KB 1257ms
1203ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8o2khkyJmyjeKKryUtVWCD8NYEFirgx7mWmm39piLZL0Vcbqm3XpPhtT6YhFT0sLJsuOgzSUtn86hOSSDru6sdPskLiucWb220oM-vIBTmE6jCFOsHo3xl0UwIql1KLV8IEg7sa3ULv11gzHc52Pp5LZTGU0FTdQgT0Yk5lkxNoPIaALhdgi8uR6Vtko/s480/gas%20toto%203.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ab28525af13ce6f2aa74c54d16f533ee08d6df5555277b29093bb98a3df58a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d71"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gas toto 3.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 874244
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 apik%20toto%203.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiV0OPcAYjgavrOnRETpMZHfxtk1pwNeJeg38Hkrm6cE5Mh1BiBCBFIYlQcrH9msRNgS2PpeteBebAQAQ-9lYSsBMXrQXcAQThbOAPYy3bTC2IDE0ztTRXRc_PiRPQX56BpnDoYs96xjknK3mXS... Frame 2414 254 KB
255 KB 1526ms
1473ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiV0OPcAYjgavrOnRETpMZHfxtk1pwNeJeg38Hkrm6cE5Mh1BiBCBFIYlQcrH9msRNgS2PpeteBebAQAQ-9lYSsBMXrQXcAQThbOAPYy3bTC2IDE0ztTRXRc_PiRPQX56BpnDoYs96xjknK3mXS3_GDU_ZJB-i4K_VOwXgpxsRA3_SZ9QVrPodghsW_5Cg/s480/apik%20toto%203.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e1069c844742374ce5d55bf288826350c3c5c26c1bcdbde43f76c51c8e2df535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d6c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="apik toto 3.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260556
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 agung%20toto%203.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3oHrazPbRV_KiLS3VFJgcE1dNIDdcdOGrPaSOv45k9JSYoRpxvpmYTVw9NLfn95B3obtJ02bARci_4NRp8PqauNjFLIttAluvp4iob0jse_ERv0WWOWmdkHOhEzu8VKdVThprW5vC333101oD... Frame 2414 384 KB
384 KB 3469ms
3416ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3oHrazPbRV_KiLS3VFJgcE1dNIDdcdOGrPaSOv45k9JSYoRpxvpmYTVw9NLfn95B3obtJ02bARci_4NRp8PqauNjFLIttAluvp4iob0jse_ERv0WWOWmdkHOhEzu8VKdVThprW5vC333101oD7d9brne0dmhSzxtsuGTZs4BDYSLyrFYrQPyyLpt3Q0s/s480/agung%20toto%203.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

51657894d582014e07c19a90007b911b5778078a5838eb727f3656fa438be887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d6f"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="agung toto 3.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 393106
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 2414 1 MB
1 MB 3022ms
2969ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 2414 2 MB
2 MB 1498ms
1446ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 2414 2 MB
2 MB 3488ms
3437ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:44 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:44 GMT

GET
H2 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 2414 733 KB
733 KB 1840ms
1789ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 2414 2 MB
2 MB 3436ms
3385ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 2414 812 KB
812 KB 3112ms
3061ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 2414 659 KB
659 KB 3012ms
2962ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 2414 1 MB
1 MB 2416ms
2366ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 2414 718 KB
719 KB 1947ms
1897ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 2414 309 KB
309 KB 1521ms
1471ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 PENUHBETT%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihHjNCCGyFzkDfwmtOldZw-nhbAurEH_jWBw0DqUiZYRloN5czcnp8yHQOgpj7QJY5IPRfT4EwZWp9lXe5hgp4-_Dkq7uhW_awvKmPqSQ6SsWabbE4Zy3Wom20uf2JC9WHoywcqdTq4PfZZF03... Frame 2414 2 MB
2 MB 2699ms
2660ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihHjNCCGyFzkDfwmtOldZw-nhbAurEH_jWBw0DqUiZYRloN5czcnp8yHQOgpj7QJY5IPRfT4EwZWp9lXe5hgp4-_Dkq7uhW_awvKmPqSQ6SsWabbE4Zy3Wom20uf2JC9WHoywcqdTq4PfZZF03rN34plazLw_1FhY_Mvzbs-uyf044Z078ezKrhalnR9A/s464/PENUHBETT%20464X100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f7a268fe54141807077d99c931e63dc4ed814892add35accf4f92fb98b0030d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v245f"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PENUHBETT 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1802346
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 2414 1 MB
1 MB 2876ms
2838ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 romobett.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBZmw8QjJdYHlO1X3PZbVty-fd1oQT2kaybeHrQSNy8fNPjdATnqB_jTgkEXqk9ksRYdyftZR9jvICiE_O5e9Hk4Zub4rfypu_2E-y681ZP04ArVY3gOQb4fB9oZptwkTclG6whLQI7S49OJI8... Frame 2414 2 MB
2 MB 3464ms
3425ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBZmw8QjJdYHlO1X3PZbVty-fd1oQT2kaybeHrQSNy8fNPjdATnqB_jTgkEXqk9ksRYdyftZR9jvICiE_O5e9Hk4Zub4rfypu_2E-y681ZP04ArVY3gOQb4fB9oZptwkTclG6whLQI7S49OJI8YQW3GabW-bhhXGskmK2eKTsk36bAG9eWOHYz9NNnKN0/s900/romobett.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cabd6c6e2ce478bc6a9344f5f75f501bbf6b7ba8fd54d7487e7a09279f3a34d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v20a7"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="romobett.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1595918
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 2414 173 KB
173 KB 1497ms
1475ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 banner%20gif%20pasarbett.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifQGtsxCp3OeLvd1Lrhg9PmZ0YLr6TS2Q8cUFn3o9F6ZaUFaMVY39HddT-Yxn8nKqVYlt3SSVFkACEJF_mENwzUU78va4bupjbIhlCnLRY6LYIiYJEXOz2isxRZbKW5vY8OdK523YZgLRS4h15... Frame 2414 16 MB
16 MB 2923ms
2905ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifQGtsxCp3OeLvd1Lrhg9PmZ0YLr6TS2Q8cUFn3o9F6ZaUFaMVY39HddT-Yxn8nKqVYlt3SSVFkACEJF_mENwzUU78va4bupjbIhlCnLRY6LYIiYJEXOz2isxRZbKW5vY8OdK523YZgLRS4h15-2UAhAryQKVW9TipjqURv_gTlHY9hhTVPobsb6KdbbY/s980/banner%20gif%20pasarbett.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3485295530761106ba56255187cc1f9a7f7cddb3b54eb1030dbd0c415b76afbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d0e"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="banner gif pasarbett.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16315436
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H2 200 banner%20gif%20idealsport88.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVJJ1AmWumNs9-LLxJVOnV6hsT7JgwrRId33gNFQQoyqiYG44FQSz1ByFtJwEVsfDI5GFVdUbLnUZAuUWAgOnUhT1euUdOv4tEOSV-qzbTd7t_0dFTHpwYLgtq3JLK7X4c2l04Mewm_DUGzqcn... Frame 2414 1 MB
1 MB 1487ms
1470ms Image
image/gif 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVJJ1AmWumNs9-LLxJVOnV6hsT7JgwrRId33gNFQQoyqiYG44FQSz1ByFtJwEVsfDI5GFVdUbLnUZAuUWAgOnUhT1euUdOv4tEOSV-qzbTd7t_0dFTHpwYLgtq3JLK7X4c2l04Mewm_DUGzqcnMcsYZu90EyuhjO8lCv0iP_bu_Fkgq3COfeEdiVwtlOA/s464/banner%20gif%20idealsport88.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

31fbef2d8aa8eb899334230f74c59be161cb7a3fef953d60d698855548e7c825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d09"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="banner gif idealsport88.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1559165
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:52:42 GMT

GET
H/1.1 200
OK 4710982&101.gif
s4is.histats.com/stats/i/ Frame 2414 760 B
899 B 159ms
37ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4710982&101.gif?4710982&101
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: 30a951a81bda27afd6c71aaff7748f621fbee27fe57d59828e093491549fd9de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:42 GMT
Connection: close
ETag: -638902546
Content-Length: 760
Content-Type: image/png

GET
H2 200 wp-polyfill-inert.min.js Show response
markas-prediktor.info/wp-includes/js/dist/vendor/ Frame 2414 8 KB
2 KB 338ms
280ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Thu, 01 Feb 2024 01:52:42 GMT

GET
H2 200 regenerator-runtime.min.js Show response
markas-prediktor.info/wp-includes/js/dist/vendor/ Frame 2414 6 KB
2 KB 572ms
515ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Thu, 01 Feb 2024 01:52:42 GMT

GET
H2 200 wp-polyfill.min.js Show response
markas-prediktor.info/wp-includes/js/dist/vendor/ Frame 2414 112 KB
34 KB 565ms
508ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Thu, 01 Feb 2024 01:52:42 GMT

GET
H2 200 frontend.js Show response
markas-prediktor.info/wp-content/plugins/sidebar-login/build/ Frame 2414 4 KB
2 KB 569ms
514ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Thu, 01 Feb 2024 01:52:42 GMT

GET
BLOB 200
OK 32a3df90-8824-49e4-962a-216ab01468c5
https://rtx.dudasoleh.lol/ Frame BBD3 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://rtx.dudasoleh.lol/32a3df90-8824-49e4-962a-216ab01468c5
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
BLOB 200
OK e2bef31e-2248-44c2-b3dc-c0bbf05336c5
https://markas-prediktor.info/ Frame 2414 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://markas-prediktor.info/e2bef31e-2248-44c2-b3dc-c0bbf05336c5
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame D5AB 41 B
467 B 86ms
83ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: c76620cbca3408b460b44d17494eaacdb69f791771e952d0d55ac969d3e9a390

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:41 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://bolo.treksantuy.xyz
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 56C5 41 B
465 B 132ms
36ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: c76620cbca3408b460b44d17494eaacdb69f791771e952d0d55ac969d3e9a390

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:41 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://king.laskar2d.xyz
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 28A7 0
289 B 68ms
67ms Image
text/plain 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHgABGWxvucAAAAJA0UvAw%253D%253D&tt=t.dhj&dhjLcy=1706147560931&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=sky.pasukanantidepo.shop&pn=%2F&qs=na&cc=US&cont=NA&evid=lDcU-0YA2coZQIBkUSFV&urls=&rnd=1706147561705&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=574

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 25 Jan 2024 01:52:41 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 1017 0
289 B 69ms
67ms Image
text/plain 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHgABGWxvucAAAAJA0UvAw%253D%253D&tt=t.dhj&dhjLcy=1706147560957&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=sky.pasukanantidepo.shop&pn=%2F&qs=na&cc=US&cont=NA&evid=tDcU-0YAOwbzz_1vyEnu&urls=&rnd=1706147561712&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=523

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 25 Jan 2024 01:52:41 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ 43 B
178 B 250ms
60ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:42 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H3

200

result.php Show response
wget.angkapaito.net/ Frame 81EC
Redirect Chain

https://widget.angkapaito.net/result.php
https://wget.angkapaito.net/result.php

5 KB
969 B

116ms
115ms

Document
text/html

2606:4700:3037::6815:605a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wget.angkapaito.net/result.php
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:605a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2497636d6c13bedc7f466897ad9690fb055dc123f481b599c9e1174a04fb17

Request headers

Referer: https://rtx.dudasoleh.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ace0d668fcc35d-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRN4PobMA%2FMmDhsS5197vTyaY75RhK1IWPxymrioQMQWydPaIvbNewRCIKe65789m6yNhDPoSXlYsfPmxISN8QBwL4L%2B%2F5CxmzrvhltL9xpH4E0BEZUZ6gWuoZW2U2vfooHWW0RYtWoUNH0A%2BvplNS4d"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ace0d5aa18422d-EWR
content-type: text/html
date: Thu, 25 Jan 2024 01:52:41 GMT
location: https://wget.angkapaito.net/result.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6blvEPGiYU1cgykAuM6cGxZhfIASNa81d0NjEBS6TA%2BnxF1G40T1Ur0gyRrzwFZWRcTBQZ8onPdVEUlOPDfBI%2B91BA3L9bklsO%2BJVEQtS%2Be4BNzI0jjT8ODHw5a21rYDwt8A6h0nTaMimwBqsJkjQ8xk0qE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame BBD3 11 KB
5 KB 58ms
46ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68098
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace0d5ad7041cd-EWR
content-length: 4547

GET
DATA 200
OK truncated
/ Frame BBD3 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
raja.hoki2d.xyz/ Frame 760A 47 KB
11 KB 1131ms
957ms Document
text/html 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: fc955a1b25871f0695fd7962e55639e2b008b7b946000ead3ff48742aac0af63

Request headers

Referer: https://rtx.dudasoleh.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ace0d72a3b0f55-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:43 GMT
link: <https://raja.hoki2d.xyz/wp-json/>; rel="https://api.w.org/" <https://raja.hoki2d.xyz/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <https://raja.hoki2d.xyz/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GZDODhgHdZuCCKLTTaKRN1ynUVvUtFn1HAwF7Jo0FOnkbBgc2Xx5ToyLC9CtXI%2F7vBz2DED%2FvdW3NLZmwEKXnPQ2terai%2FFbSyLiGkh5dOuG9g3FJhb5ngajrFhJHlVVaXzGUkORZYPm3T%2Fn3Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H/1.1 200
OK 4789623.php Show response
s4.histats.com/stats/ Frame BBD3 437 B
572 B 292ms
116ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4789623.php?4789623&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mDUDA%20SOLEH%20%E2%80%93%20PREDIKSI%20ANGKA%20JITU%20WLA%20HARI%20INI&@n0&@ohttps%3A%2F%2Fbolo.treksantuy.xyz%2F&@q0&@r0&@s433&@ten-US&@u1600&@b1:-148929968&@b3:1706147562&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Frtx.dudasoleh.lol%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 445f72f8771ec2ba6cebe0908e509d17a798bfb00c748350d8c619a751d50929

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:42 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 2414 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 2414 75 KB
76 KB 328ms
83ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://markas-prediktor.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
cdn-cachedat: 10/31/2023 19:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 97f26f4456f2d0817e5ae482adb65692
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84ace0da38e343f8-EWR
cdn-requestpullsuccess: True

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 2414 11 KB
5 KB 57ms
56ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68099
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace0d91ab841cd-EWR
content-length: 4547

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 4AB2 0
0 343ms
134ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=37296
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:52:42 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 c792ae1ce34a9f3533ab0d18e5712c4a.cloudfront.net (CloudFront)
x-amz-cf-id: TNCFVu5aZ4KEK4ea39vP-KUBxWT0VvC2CmIWf5Rn6DvW4sbptFCYSA==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame D5AB 43 B
177 B 70ms
53ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:42 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 56C5 43 B
177 B 57ms
49ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:42 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 / Show response
zona-bermain.com/ Frame EE5D 104 KB
20 KB 1630ms
830ms Document
text/html 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

d3cda20140593c9613a699c99f680e31fe7a5ddad80ce5d868c527c79f33d047

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://markas-prediktor.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:44 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://zona-bermain.com/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.2.14

GET
H2 200 cc_433.js Show response
s10.histats.com/counters/ Frame BBD3 20 KB
9 KB 117ms
114ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_433.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6faef2a9122a84c8ef399b819a303ed612e3aefded8e5dfca6419bc9a2677de3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
etag: "1576520610"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace0daedb441cd-EWR
content-length: 9094

GET
H2 200 / Show response
e.dtscout.com/e/ Frame BBD3 7 KB
4 KB 216ms
215ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frtx.dudasoleh.lol%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4789623.php?4789623&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mDUDA%20SOLEH%20%E2%80%93%20PREDIKSI%20ANGKA%20JITU%20WLA%20HARI%20INI&@n0&@ohttps%3A%2F%2Fbolo.treksantuy.xyz%2F&@q0&@r0&@s433&@ten-US&@u1600&@b1:-148929968&@b3:1706147562&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Frtx.dudasoleh.lol%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e5c3465ac627daac9e2923d641e49ef24beb85819bf7db1a7e98b07f746ef0d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:42 GMT
x-t: 0.24
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBSxvQg5A%2F5jELFetP%2BQqg%2BshnZgf0lDHfKuKVqvI5u0uPTpenDp%2Frah9JMjpwGl1nN8ittgcCs67lLT0cNjOZuoLMXLurHiQOr4Ifg%2Fbvy7f4Xe08me5XtBBzhCgrSPJWcfp%2Bfqk3NQK8E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace0daea218c15-EWR
expires: Thu, 25 Jan 2024 01:52:41 GMT

GET
H2

200

bk_sync.xgi
x.dlx.addthis.com/e/
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=75174
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=75174&_li_chk=true&previous_uuid=9031f43295f143718f6c243625f67bcf
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=cbdcc14ccc7e4eab2efafef4f54d3155
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=cbdcc14ccc7e4eab2efafef4f54d3155&rd=Y
https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2024012501524400042580839287&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=WB9qnL7%2B99YUrfak

43 B
593 B

196ms
152ms

Image
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=WB9qnL7%2B99YUrfak

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Server

104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-185.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 25 Jan 2024 01:52:44 GMT
pragma: no-cache
date: Thu, 25 Jan 2024 01:52:44 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=WB9qnL7%2B99YUrfak
date: Thu, 25 Jan 2024 01:52:44 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 04BC 0
0 194ms
161ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=52176
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://bolo.treksantuy.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:52:43 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 c792ae1ce34a9f3533ab0d18e5712c4a.cloudfront.net (CloudFront)
x-amz-cf-id: zTPofEFVVogXMAyDsPNF0sZUIIgkoJ4zUdzw9b50v9mNI6XbQA2pgA==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 84A9 0
0 193ms
163ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=70911
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://king.laskar2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:52:43 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 c792ae1ce34a9f3533ab0d18e5712c4a.cloudfront.net (CloudFront)
x-amz-cf-id: uI5d7Xlg8nl9nRzHF4IrbcARHoPdBBmGyDT5d_rj_eME8Q-DLKjstw==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H/1.1 200
OK 4710982.php Show response
s4.histats.com/stats/ Frame 2414 435 B
570 B 411ms
139ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4710982.php?4710982&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mMARKAS%20PREDIKTOR%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fking.laskar2d.xyz%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:84598341&@b3:1706147563&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmarkas-prediktor.info%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: da65b5ddc281d0d1fb7ac543801da80c7cb3cff809ba4c6e54cb38db517acafd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:43 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H3 200 wp-emoji-release.min.js Show response
rtx.dudasoleh.lol/wp-includes/js/ Frame BBD3 18 KB
5 KB 138ms
136ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Feb 2023 12:53:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 53315
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNVpg%2B8JnYnYxBmTUw5ie4dCp6B4LMr1Qn8qJZkjU%2BJDWCovZO1WOKH6tqkucZZUUlJCB1zF2aBGKOBpvj4sHsDuN2LaQv7Gfux5VuHMgfUYQI1tm6KuPhlILOKayFZF7pOdvCwgAj9klDb7igjrHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0de1abc4385-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jan 2024 11:04:07 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame BBD3 58 KB
18 KB 123ms
102ms Script
text/javascript 108.156.91.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frtx.dudasoleh.lol%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.91.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-91-83.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 00:33:31 GMT
content-encoding: gzip
via: 1.1 9d71affbaf22baf23eab459f3d2ee77a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P1
age: 44653
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: R_s4r9Vk2SJRfBJpObx8SUl7avBm5UraUzzDlRwb0Q2PbFWuVg2jGw==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame BBD3 0
453 B 124ms
103ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Frtx.dudasoleh.lol%2F&r=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frtx.dudasoleh.lol%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:43 GMT
x-t: 1.29
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVpTPKQlTW2JRu647pYVpjBt0c25xJSTGh7F9FIjo0Q%2FzOnDgCZb7yDSkXVeFOkQGLlHFAUpRNe0TNmGYCqPzF4uPEeIySn56dpXYkEfxdOcVfoI0oeJsLgcmIUTUkmfW6viLAGjnZM3pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web3.ny1.dtscdn.com
cf-ray: 84ace0df3c50c32b-EWR
expires: Thu, 25 Jan 2024 01:46:36 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame BBD3 33 KB
11 KB 125ms
102ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frtx.dudasoleh.lol%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70518
x-amz-cf-id: 2MrqJLnxy3O3OnngwwwzQKX_DkK5MFuJ_8NkOQ7cSJpX-XH3zh-PdQ==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame BBD3 2 KB
3 KB 119ms
112ms Script
application/javascript 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frtx.dudasoleh.lol%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

e049b42df046beda51f4dd4bd24484e0f94e12e60e2a419e48cf33dcc442c1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:43 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame BBD3 51 B
387 B 282ms
261ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=rtx.dudasoleh.lol&_ss=41ooy8aasa&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=83pt&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frtx.dudasoleh.lol%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb62d4052ef644a71f9b602bef92e7b5131f7b5f155945b995cd1fd554f1695b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:43 GMT
x-t: 0.106
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9mLzne1p4K2DH%2F3P0RVUqA7y3mg76sIhCY1VPy8S1wDpo49P7hY8k%2B2e29cA3RsN%2FZzTI6DAeEsD71WCKWnMcRYuYsDmIFilQKYGzty4qO9zULse6M5H8ue3oe1CV0BAT%2FPRMpPYEtdTHk%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace0df4f8c8c15-EWR
expires: Thu, 25 Jan 2024 01:52:42 GMT

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame BBD3 35 B
248 B 579ms
217ms Image
image/gif 141.94.171.212
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=51A0170614755864712164A73D22398F
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.212 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-4.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 200 style.min.css
raja.hoki2d.xyz/wp-includes/css/dist/block-library/ Frame 760A 107 KB
15 KB 888ms
851ms Stylesheet
text/css 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 21:10:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyfYjdlBIlrtD20hze5eotPGNLE%2BuOX0oC%2BqLfxYgShrKmsWTTz9k5A9VKotOmWpanCWI6ppD1SO5Iz9xrordLmpJ2oeHxWeXliNe5KVOGd9%2FpLKDjiRkc1xCiQOCmFTP%2F4mbB6huwhZMtxE6vA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0df7c060f55-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:43 GMT

GET
H2 200 sidebar-login.css
raja.hoki2d.xyz/wp-content/plugins/sidebar-login/build/ Frame 760A 2 KB
677 B 688ms
652ms Stylesheet
text/css 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1688220023
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFUATtBnbJDeOy4oga3%2F6NwVy8h7o4FoxLzByHP%2BBAeI8qDkg6uisZll4lpli%2BILyd%2B4MqgUvvWMKMfFa62WoC0lFxnmq7drXOzbcYq7yzjTWM0bPWuip6qJ14JglWFpXY%2BjABECGNBtLcWxzQw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0df7c070f55-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:43 GMT

GET
H2 200 style.css
raja.hoki2d.xyz/wp-content/themes/asteroid/ Frame 760A 28 KB
9 KB 686ms
651ms Stylesheet
text/css 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-content/themes/asteroid/style.css?ver=1.2.9
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2023 09:04:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5r4UJBQXkC9lKvTHw%2FmcZh3Stu%2B5U60T8WkrpblY6OQKwZPdF%2FqQLwXeSqMIV0pvmXAKWVkYA0f1J8wgkRGB4RIiPf%2FcE5tUNHs7PWLnxendERoXcFFc9dCuR3mnQqTGgYDka9pRrcz%2F3YNsRo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0df7c080f55-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:43 GMT

GET
H2 200 jquery.min.js Show response
raja.hoki2d.xyz/wp-includes/js/jquery/ Frame 760A 86 KB
31 KB 167ms
133ms Script
application/javascript 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:10:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 123971
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZXm3cJZwr8zuPtYYLbL7NYlQcQXg1Sv3%2B9k15jAXmNlcwFS4IpsVArqIxSWdsCROisCvop8MnWQce5m4Lgr9OKxCLlE9iSFr5mLUcLGRR9q58%2BHwj5%2BYYBkP5DnBf1fXMgh2GaOEHkx7mx5v1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0df7c0a0f55-EWR
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 15:26:31 GMT

GET
H2 200 jquery-migrate.min.js Show response
raja.hoki2d.xyz/wp-includes/js/jquery/ Frame 760A 13 KB
5 KB 687ms
653ms Script
application/javascript 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Aug 2023 21:05:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upitbRhZZ65%2BPyWEz3KidzEP2QIqAULZD5k7dWaMGBfQighjmvdl9FtkgwuhyZ7tpn4izPqc1JZRxQEtdY5NVvLQaFWODQCSRFNQRqdFouUvGKPsa1TJKvPISkxVYeHm2IyctGseaIVg9OsWx5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0df7c0b0f55-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:43 GMT

GET
H3

200

/
bolo.treksantuy.xyz/ Frame 760A
Redirect Chain

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg
https://bolo.treksantuy.xyz/

0
0

921ms
802ms

Image
text/html

2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H3
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Thu, 25 Jan 2024 01:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0CJGC2MFEfXlmHh2JSMJ7RtA5USUbtACpi0M9IIkFxL7Mjo3PjZ%2FjMqGeHniiSNgI%2BLYJXz%2BkoZWKOGT4v81l4C4MASA8GZWwdniRMpHItoSQY3qBRibSUxRo74v7XvXGdqRmw58MIh%2BpKQew4tyg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://bolo.treksantuy.xyz
cache-control: max-age=3600
cf-ray: 84ace0df4bdc43c3-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 02:52:43 GMT

GET
H3 200 close.gif
4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/ Frame 760A 2 KB
2 KB 114ms
110ms Image
image/gif 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/close.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

82a61040198394ed6f9e59a3b5131bca0af02f194a690b977ea9b244d9897f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:39 GMT
x-content-type-options: nosniff
age: 4
content-disposition: inline;filename="close.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
server: fife
etag: "v744"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 26 Jan 2024 01:52:39 GMT

GET
H3 200 840x120-jabrix.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 5 MB
5 MB 1524ms
1426ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/840x120-jabrix.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2ef8819c623f045339c8a2ffe8b442801765e1245b634c5bc8246b4fbd67a395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:43 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Nov 2023 17:22:29 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4858923
expires: Sun, 11 Feb 2024 09:12:08 GMT

GET
H3 200 unnamed-1.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 205 KB
205 KB 1180ms
1171ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-1.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bfcef82755bac56e01032d196dc587e851fcfb9a2a1882c7e283b9ea451a17a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:46:35 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 210028
expires: Mon, 12 Feb 2024 10:35:33 GMT

GET
H3 200 unnamed-3.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 224 KB
225 KB 1014ms
1003ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-3.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7e78ac302ebdef9842d5c628cef762ed1ad4b9650dd4915810cbf3cdaa86010c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:48:07 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 229818
expires: Sun, 04 Feb 2024 06:51:54 GMT

GET
H3 200 unnamed-22.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 292 KB
292 KB 1024ms
1013ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-22.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d30f436b9752f07747f2b72cc77985554918de4f9b5e74c65271c89e3b1501b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:19:02 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 298675
expires: Tue, 06 Feb 2024 06:20:20 GMT

GET
H3 200 unnamed-5.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 362 KB
362 KB 1049ms
1039ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-5.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

87d3abed87820941c3f8f4d8cc01563a8ef74d7886c948b9b0da3e3929bfce92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:51:53 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 370255
expires: Mon, 29 Jan 2024 17:58:49 GMT

GET
H3 200 unnamed-6.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 507 KB
507 KB 1050ms
1039ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-6.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ac6002b55a7bc33de07da0fc1391dbd8b61598823a7768591aed4b0e4a5e421a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:53:48 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 519311
expires: Thu, 01 Feb 2024 13:36:16 GMT

GET
H3 200 unnamed-7.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 528 KB
529 KB 1068ms
1058ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-7.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

06710711e7517c22412aa923d472e9cce857b02605e4c0049cdc7edb666a132c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:55:47 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 541175
expires: Thu, 01 Feb 2024 12:45:20 GMT

GET
H3 200 unnamed-8.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 355 KB
356 KB 1079ms
1069ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-8.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6ee5599420176d6c73cb80505f7d287e527d903336f0cfb2348ace130fb7d6f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:57:28 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 363774
expires: Fri, 02 Feb 2024 21:18:28 GMT

GET
H3 200 unnamed-28.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 328 KB
328 KB 1091ms
1081ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-28.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8ac1e08581c5691d74fb1a69b925f400e14db93ddc9451db0b72456e4af3a2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:21:13 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 335785
expires: Mon, 12 Feb 2024 15:00:38 GMT

GET
H3 200 unnamed-27.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 289 KB
289 KB 1096ms
1087ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-27.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5cdf948f65cf951821da557dc5b8cc9067c64589070285feab8aa6f7c64657e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:18:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 295549
expires: Tue, 30 Jan 2024 10:59:57 GMT

GET
H3 200 unnamed-26.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 262 KB
263 KB 1117ms
1109ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-26.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dbd4ea5e26cff619ebe31130ce16126cdcaff265a697139b20c80a960954832f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:17:49 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 268554
expires: Sat, 27 Jan 2024 19:14:15 GMT

GET
H3 200 unnamed-24.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 228 KB
228 KB 1189ms
1181ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-24.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7e22819d3433cfdb5d3f848fee01b7cccc863970901de5efa3e80a7eadbd48c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:12:30 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 232980
expires: Wed, 21 Feb 2024 11:31:06 GMT

GET
H3 200 unnamed-25.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 693 KB
693 KB 1204ms
1195ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-25.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e31a5516051e3dcd6be48ada99dbf2d270db37dd3a304fded21e105f6c733bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:12:47 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 709526
expires: Sat, 27 Jan 2024 08:23:41 GMT

GET
H3 200 unnamed-29.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 193 KB
193 KB 1239ms
1231ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-29.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2388f1b8ef95668322254f1ae8523c148beceddccd6e239bd683281835e1180b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:21:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 197657
expires: Mon, 05 Feb 2024 21:03:21 GMT

GET
H3 200 unnamed.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 250 KB
250 KB 1270ms
1262ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5ce581a1bb3ae65bd553d034f9d5973dd8af7f856d2bd5efa095ed41cee7f949

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:44:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 256150
expires: Thu, 15 Feb 2024 13:06:36 GMT

GET
H3 200 unnamed-10.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 270 KB
270 KB 1309ms
1301ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-10.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9c5106cfc1835d6213c497eb31fd0b3f034a3630a33fd51ed1f020f370034b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:31:01 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 276544
expires: Sat, 10 Feb 2024 18:12:52 GMT

GET
H3 200 unnamed-11.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 247 KB
247 KB 1310ms
1303ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-11.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f564100347e9b3cc6448108ae2837d97eb49d3009154452879c4a146dd482183

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:32:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 252743
expires: Sun, 11 Feb 2024 14:05:02 GMT

GET
H3 200 unnamed-12.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 282 KB
283 KB 1320ms
1313ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-12.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

79980af9382b2ed28478d04a6b7e7119b4a3b4cf055978bf0bcf7fbe74a3136f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:33:50 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 289127
expires: Fri, 16 Feb 2024 22:13:10 GMT

GET
H3 200 unnamed-13.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 514 KB
514 KB 1334ms
1327ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-13.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dc887f124f649e95762713f34c6e7d8ef383571f6a354d916964732b1950664a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:34:55 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 526000
expires: Sun, 11 Feb 2024 01:50:47 GMT

GET
H3 200 unnamed-14.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 291 KB
291 KB 2926ms
2919ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-14.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

efb8d3fc8b90b38cbc75cb3f22e313a370f0eada11e7eba19e8047c6f60943dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:35:54 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 297540
expires: Tue, 06 Feb 2024 19:30:34 GMT

GET
H3 200 unnamed-9.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 194 KB
194 KB 1436ms
1429ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-9.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

42e792c4264f30663f715f0019025df6c67066e834c8c36298e9a96fdc8cd038

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:27:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 198395
expires: Mon, 12 Feb 2024 22:33:45 GMT

GET
H3 200 unnamed-15.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 388 KB
388 KB 1445ms
1438ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-15.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4111d0de448c0dbbb0dc170a0e580da1029ac1fe68de77d330b41ba1cbc4d0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:37:53 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 396918
expires: Tue, 06 Feb 2024 18:52:34 GMT

GET
H3 200 unnamed-16.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 326 KB
326 KB 1453ms
1447ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-16.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a6a3283156db24254aec7fe7b93f88ef8193a0b61d31056cb5bb210617dcd626

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:39:46 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 333383
expires: Mon, 26 Feb 2024 08:44:51 GMT

GET
H3 200 unnamed-17.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 312 KB
312 KB 1489ms
1482ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-17.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2689ac2a7453661922762dcd23b84bda4ef74a05c9c3740f817f411af2f6084c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:41:12 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 319266
expires: Wed, 07 Feb 2024 01:41:58 GMT

GET
H3 200 unnamed-18.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 188 KB
188 KB 1490ms
1483ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-18.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7380c39ec1fbcf6ff16ff145bd0ed5033c2b84b41270dae4b05a327a19ba9e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:42:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 192555
expires: Sun, 28 Jan 2024 07:29:10 GMT

GET
H3 200 unnamed-19.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 280 KB
281 KB 1534ms
1527ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-19.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da6d3195e96bfbfe1cecd660de92fe05a71437900b1dff539a9d6f5e45c28277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:43:23 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 286968
expires: Tue, 20 Feb 2024 13:23:07 GMT

GET
H3 200 unnamed-20.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 351 KB
352 KB 1541ms
1534ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-20.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0f1e4f7008ccffa6948dbcc9eb98f7356a0f3e7bbf0d87a77289820eaa8027e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:44:24 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 359746
expires: Tue, 06 Feb 2024 10:24:45 GMT

GET
H3 200 unnamed-21.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 265 KB
265 KB 1558ms
1551ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-21.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f7bc1b794480ca073b0a3ff2bdfdd6d5171458d2828ea18e4b80edb151f2289d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:45:42 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 271048
expires: Thu, 25 Jan 2024 10:31:27 GMT

GET
H/1.1 200
OK 4797259.gif
s4is.histats.com/stats/i/ Frame 760A 43 B
182 B 352ms
140ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4797259.gif?4797259&103
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:45 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 email-decode.min.js Show response
raja.hoki2d.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 760A 1 KB
1 KB 70ms
70ms Script
application/javascript 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raja.hoki2d.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Jan 2024 15:56:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65aa9bb3-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7cQ6G3pJLhha1Rk5dekU75ToKYHkKANxpqNcok4biW5BShj7OfCnZo8L%2BYBTlIBiZCzDqHAUCVudDW%2BGuuKWEDChr7xVHFOvJu5hcH6EqVTI2yb6EEAqkwQJt13wd%2B0Tp2aiL8ueVBjhmGtYFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84ace0ed2bd80f9c-EWR
expires: Sat, 27 Jan 2024 01:52:45 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
raja.hoki2d.xyz/wp-includes/js/dist/vendor/ Frame 760A 8 KB
3 KB 100ms
89ms Script
application/javascript 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 23:16:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 123961
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDphf%2FF7fTLeS7nf69Gr%2FyP5bqBismCYtdeYaq0gYwCuulid38YJUCgR8bZg5k67MN519pGDYQN5ZvOxFdyk%2BWe9OqJfWMlMbLGmUFWGdqpmrmju7OR7q7qLX9Dy3lLk9E9Evq1PFdBGH1IIP4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0ed3be70f9c-EWR
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 15:26:44 GMT

GET
H3 200 regenerator-runtime.min.js Show response
raja.hoki2d.xyz/wp-includes/js/dist/vendor/ Frame 760A 6 KB
3 KB 635ms
624ms Script
application/javascript 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 21:10:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhzaywUquSDL3657r0ctGwQBEFBVD9nuau8L58lhJZYU4R2tnwRgIPClWrDCnlZoWHhRg%2Br7Crwt4ePGKEpJGlJhAKBBncx46llkxRNTITb4%2FND0onV9UlCQRhuCNI1RK07hG5%2Fk2ECXX07LTSY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0ed3be90f9c-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H3 200 wp-polyfill.min.js Show response
raja.hoki2d.xyz/wp-includes/js/dist/vendor/ Frame 760A 112 KB
36 KB 939ms
928ms Script
application/javascript 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 21:10:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FMfo8wZ4ys%2FsZqvXoB4BxQTzyLezH9zXYpgXuWDBUH9QY4aobfyZ6ea9ITpbWn4yPg4tvSrs%2BIcH2%2BF5rLZZhRW2dvLOkmC6Y5OP0LC%2FIOHCHgGnOVw3zSTjPX8uuhdC9UtnHQmKG0gAuMEXM0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0ed3bea0f9c-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H3 200 frontend.js Show response
raja.hoki2d.xyz/wp-content/plugins/sidebar-login/build/ Frame 760A 4 KB
2 KB 100ms
90ms Script
application/javascript 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 123955
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znfOZH8Yd9Dmx8xEAvaoZ%2BivWzyzjsde2VRhg9VWfFn%2Frg%2BR9943vuB0QGMnCPzGmr9KmuHf7vJpYD6XM%2FUpjoQD2ux4GFoFYQw%2F7NZEOeDHPTZE4BJW0tL3hbCgPNN6lnCkL4QO31BflCUmjN8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0ed3bed0f9c-EWR
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 Jan 2024 15:26:49 GMT

GET
H3 200 wp-emoji-release.min.js Show response
markas-prediktor.info/wp-includes/js/ Frame 2414 18 KB
5 KB 446ms
413ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4651
expires: Thu, 01 Feb 2024 01:52:43 GMT

GET
DATA 200
OK truncated
/ Frame BBD3 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f89f1fe1c86dc63bdd3668f2922215318bc10dc9ade1d22300121b41d541f726

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 907be007-dd2d-4ea2-bae0-806de19182ff
https://raja.hoki2d.xyz/ Frame 760A 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://raja.hoki2d.xyz/907be007-dd2d-4ea2-bae0-806de19182ff
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 2b50.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame BBD3 554 B
640 B 175ms
124ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2b50.svg

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

2bf5907894a70b877089c24817fcc65db655cfed28840aa16c8f3810cd412620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame B847 0
289 B 299ms
160ms Image
text/plain 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHgABGWxvucAAAAJA0UvAw%253D%253D&tt=t.dhj&dhjLcy=1706147560250&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=sky.pasukanantidepo.shop&pn=%2F&qs=na&rdn=sky.pasukanantidepo.shop&rpn=%2F&rqs=na&cc=US&cont=NA&evid=LwbU-0YAbTblO6BRMD5J&urls=!1!696!b-13j,!0!1933!b-13l,!1!722!b-14s,!1!0!b-14t,!1!688!b-150,!1!687!b-16f&rnd=1706147563541&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=91&bcnLcy=102

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 25 Jan 2024 01:52:43 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ 0
144 B 457ms
321ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=21541&pu=
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:43 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7BA452D98A144EE98AD12F4F965F8B90 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:52:43Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu296XGnxIfD8NABhYg==

GET
H2

200

bk_sync.xgi
x.dlx.addthis.com/e/ Frame D5AB
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=37261
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=cbdcc14ccc7e4eab2efafef4f54d3155
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=cbdcc14ccc7e4eab2efafef4f54d3155&rd=Y
https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2024012501524400061385747456&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=WB9qnL7%2B99YUrfak

43 B
593 B

120ms
106ms

Image
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=WB9qnL7%2B99YUrfak

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Server

104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-185.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 25 Jan 2024 01:52:44 GMT
pragma: no-cache
date: Thu, 25 Jan 2024 01:52:44 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=WB9qnL7%2B99YUrfak
date: Thu, 25 Jan 2024 01:52:44 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

googlegdn_sync
x.dlx.addthis.com/e/ Frame 56C5
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=11580
https://he.lijit.com/merge?pid=8105&event_type=email&lc_md5=cbdcc14ccc7e4eab2efafef4f54d3155&lc_sha1=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&lc_sha256=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19...
https://p.alcmpn.com/em/173/110/2360.gif?gid=cbdcc14ccc7e4eab2efafef4f54d3155
https://e.dlx.addthis.com/e/a-1564/s-5719?ret=img&na_em=cbdcc14ccc7e4eab2efafef4f54d3155
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm&google_hm=MjAyNDAxMjUwMTUyNDQwMDA2MTM4NTc0NzQ1Ng%3D%3D
https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESECMdXbqc1_7IklooOuXOEvo&google_cver=1

43 B
182 B

162ms
129ms

Image
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESECMdXbqc1_7IklooOuXOEvo&google_cver=1

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Server

104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-185.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 25 Jan 2024 01:52:46 GMT
pragma: no-cache
date: Thu, 25 Jan 2024 01:52:46 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESECMdXbqc1_7IklooOuXOEvo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 293
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame BBD3 2 KB
2 KB 104ms
103ms Script
application/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9625712016802928&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Thu, 25 Jan 2024 02:52:43 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame BBD3 42 B
265 B 110ms
109ms Image
image/gif 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fbolo.treksantuy.xyz%2F&event_source=dtscout&rnd=0.9625712016802928&exptid=ZHgABGWxvucAAAAJA0UvAw%3D%3D&fcmp=false

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:43 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame BBD3 50 B
456 B 148ms
147ms Fetch
application/json 52.84.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.18.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-18-2.ord53.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:43 GMT
via: 1.1 2da8dd4c67461e73843e03d8fb933e64.cloudfront.net (CloudFront), 1.1 b355b23fdbed3c58c37ede4924bc4602.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P2, ORD53-C2
x-amzn-requestid: 42db0c57-9679-4cab-b813-22867bd0c9a3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SErE5EZwCYcEbxQ=
content-length: 50
x-amz-cf-id: cyFLmJXNq8iTOe1vtXdlm__v3up1r3QYWmM2oZ9FtL33o774faq74A==

GET
H3 200 close.png
rtx.dudasoleh.lol/wp-content/plugins/uji-popup/modal/css/ Frame BBD3 4 KB
5 KB 319ms
318ms Image
image/png 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtx.dudasoleh.lol/wp-content/plugins/uji-popup/modal/css/close.png
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53314
alt-svc: h3=":443"; ma=86400
content-length: 4393
last-modified: Mon, 19 Jun 2023 09:09:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uekSAtpVsj3vtwIBkNAZRjgrYSmmLBQ7lGjiGwH9var%2FnkUA8tdeYHgaRY9%2BUlIdsRryluL65B%2FE4tGCI25wCcVCFTYSXD7cJbXnnS7wb7cwZbjCEH5UIIssiM9W%2Fpljp%2FjKtuYXUY%2F7e%2F9TYAHUxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84ace0e2efbd4385-EWR
expires: Wed, 31 Jan 2024 11:04:07 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 2414 22 KB
12 KB 121ms
114ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 28774
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace0e33f5141cd-EWR
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 2414 7 KB
4 KB 271ms
264ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4710982.php?4710982&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mMARKAS%20PREDIKTOR%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fking.laskar2d.xyz%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:84598341&@b3:1706147563&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmarkas-prediktor.info%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d01a3756db37f2ada0dabf92b1eb9bc7593a90eb07697af344affebe28cd54a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:44 GMT
x-t: 0.209
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZKqvvd8w0lz9PGznem6TGfqVQv9OFQnraUkJotpzQUCwpg3a9SgeR%2BMHZHElJZUVX%2FKT9x5p6eZkBcXqSOLg6x12WbnXRG6E6iucQPjdj2FjxAqNIB5hmEGTHwLKVRrZnEbQE2%2BReaP2NU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace0e33c538c15-EWR
expires: Thu, 25 Jan 2024 01:52:43 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match?r=3487
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
951 B

308ms
129ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:45 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:52:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:52:45 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame D5AB 0
144 B 147ms
135ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=54937&pu=https://sky.pasukanantidepo.shop/
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:44 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 642DA278DA0D4F6AB5F06AAB166C8ED8 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:52:44Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu2+E+DviJ4CaiFCMaw==

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 16CF 2 KB
1 KB 60ms
60ms Document
text/html 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9625712016802928&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://rtx.dudasoleh.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Thu, 25 Jan 2024 01:52:45 GMT
Expires: Thu, 01 Feb 2024 01:52:45 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 56C5 0
143 B 155ms
139ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=56015&pu=https://sky.pasukanantidepo.shop/
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:44 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 72A2A16B82B2452EB3FA64B439F19602 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:52:44Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu2+F0/Js94FJ9bMLzA==

GET
H2 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame EE5D 107 KB
13 KB 290ms
266ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:44 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Thu, 01 Feb 2024 01:52:44 GMT

GET
H2 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame EE5D 227 B
282 B 292ms
268ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:44 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Thu, 01 Feb 2024 01:52:44 GMT

GET
H2 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame EE5D 2 KB
385 B 293ms
269ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:44 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Thu, 01 Feb 2024 01:52:44 GMT

GET
H2 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame EE5D 28 KB
8 KB 294ms
271ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:44 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Thu, 01 Feb 2024 01:52:44 GMT

GET
H2 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame EE5D 3 KB
838 B 296ms
274ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:44 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Thu, 01 Feb 2024 01:52:44 GMT

GET
H2 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame EE5D 86 KB
29 KB 516ms
489ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:44 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Thu, 01 Feb 2024 01:52:44 GMT

GET
H2 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame EE5D 13 KB
5 KB 524ms
497ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:44 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Thu, 01 Feb 2024 01:52:44 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame EE5D 157 KB
26 KB 56ms
31ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:44 GMT
x-content-type-options: nosniff
content-encoding: br
age: 26461278
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-ewr18138-EWR
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame EE5D 30 KB
7 KB 60ms
35ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 871
age: 4991745
cdn-cachedat: 10/31/2023 18:51:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f99c225dea09fd9a1dc0298de4f8988a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84ace0e71af5431c-EWR
cdn-requestpullsuccess: True

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame EE5D 21 KB
8 KB 68ms
44ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:44 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11977771
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-ewr18138-EWR
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame EE5D 62 KB
16 KB 60ms
36ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:44 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7948452
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-etou8220064-FRA, cache-ewr18138-EWR
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 0.png
zona-bermain.com/script/ Frame EE5D 25 KB
25 KB 750ms
727ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:44 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Thu, 01 Feb 2024 01:52:44 GMT

GET
H2 200 6.png
zona-bermain.com/script/ Frame EE5D 25 KB
25 KB 750ms
728ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:44 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Thu, 01 Feb 2024 01:52:44 GMT

GET
H2 200 4.png
zona-bermain.com/script/ Frame EE5D 25 KB
25 KB 350ms
297ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H2 200 2.png
zona-bermain.com/script/ Frame EE5D 25 KB
25 KB 353ms
301ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame EE5D 24 KB
25 KB 364ms
361ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame EE5D 25 KB
25 KB 587ms
583ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame EE5D 24 KB
25 KB 560ms
557ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame EE5D 25 KB
25 KB 1112ms
1109ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame EE5D 25 KB
25 KB 362ms
359ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame EE5D 43 B
182 B 254ms
80ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:45 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame EE5D 8 KB
3 KB 289ms
287ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2320
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame EE5D 6 KB
2 KB 363ms
359ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame EE5D 112 KB
34 KB 290ms
286ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame EE5D 4 KB
2 KB 362ms
358ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame BBD3 5 KB
2 KB 71ms
63ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 283
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: E8lKpUHvYLRGHG1GNoiLCWMSEWxMlYRncdkcvLSENq3pOCzNlr1jQA==

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 2414 58 KB
18 KB 77ms
76ms Script
text/javascript 108.156.91.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.91.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-91-83.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 00:33:31 GMT
content-encoding: gzip
via: 1.1 9d71affbaf22baf23eab459f3d2ee77a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P1
age: 44655
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 4E9DeYmAd2kzusqMqAfpsm8h8VZCFKyKduJGM4Oeim5rESKqr7MXmQ==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 2414 0
441 B 81ms
68ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fmarkas-prediktor.info%2F&r=https%3A%2F%2Fking.laskar2d.xyz%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
x-t: 2.82
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P90ct6fQ0iswbX437BknANZGhJ6CKPd26VuI%2BD%2F05lanujtbczzLJZu0BXIY00gUTCFdsZQDt2XIU9Tz6K02GJSILQR3lVtOTUoNRM2hxqkZYX8x%2BgO8ZT5%2BTklFRpllpQ8QoOnS1qUWXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 84ace0ec5f02c32b-EWR
expires: Thu, 25 Jan 2024 01:50:27 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 2414 33 KB
11 KB 81ms
69ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70520
x-amz-cf-id: gQUbL6HTPWLskBAmuFi0pst6Po5RmYUqi8wuq6Ou5OR_rVu-sNe0tg==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 2414 2 KB
3 KB 61ms
60ms Script
application/javascript 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

e049b42df046beda51f4dd4bd24484e0f94e12e60e2a419e48cf33dcc442c1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:45 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 2414 51 B
401 B 269ms
251ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=markas-prediktor.info&_ss=4js7xvgqdd&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=5okm&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a4e22c3170ea6411798cc0ab605b6f67dabe81eb04e417f9c26c160bd374311

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
x-t: 0.147
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMS1YHw5u4ayrdFgDjtXLVetIx7OPCOmnJja1rTbuR%2FJnhAa9tugd2YrKCtqsLtdgVs5ecRn5VbDx7G5dTd%2BYVIk5uniI5JgVqis1ZhkILoGHDbNz1T%2FuNQ%2BKGtm45wHc3Zv%2BKk%2FeQL8jfc%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace0ec6f108c15-EWR
expires: Thu, 25 Jan 2024 01:52:44 GMT

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 2414 35 B
248 B 130ms
128ms Image
image/gif 141.94.171.212
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=51A0170614755864712164A73D22398F
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.212 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-4.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 2414 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

googlegdn_sync
x.dlx.addthis.com/e/
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=81761
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=cbdcc14ccc7e4eab2efafef4f54d3155
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm&google_hm=MjAyNDAxMjUwMTUyNDQwMDA2MTM4NTc0NzQ1Ng%3D%3D
https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESECMdXbqc1_7IklooOuXOEvo&google_cver=1

43 B
182 B

105ms
104ms

Image
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESECMdXbqc1_7IklooOuXOEvo&google_cver=1

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Server

104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-185.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 25 Jan 2024 01:52:46 GMT
pragma: no-cache
date: Thu, 25 Jan 2024 01:52:46 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESECMdXbqc1_7IklooOuXOEvo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 293
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame C0DA 85 B
464 B 160ms
158ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725941
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: HRP6SJXBtFwTynMm86sm3CJEwpfplFUsso1tNPgkfQmbwcbTcaPUJg==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D5AB
Redirect Chain

https://um.simpli.fi/lj_match?r=37321
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
951 B

196ms
63ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:45 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:52:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:52:45 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 56C5
Redirect Chain

https://um.simpli.fi/lj_match?r=13272
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
951 B

221ms
96ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:45 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:52:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:52:45 GMT

GET
BLOB 200
OK 9425ec8f-5fdc-42df-be5d-a13f4cd3c27e
https://zona-bermain.com/ Frame EE5D 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://zona-bermain.com/9425ec8f-5fdc-42df-be5d-a13f4cd3c27e
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3

200

result.php Show response
wget.angkapaito.net/ Frame 4D77
Redirect Chain

https://widget.angkapaito.net/result.php
https://wget.angkapaito.net/result.php

5 KB
927 B

108ms
106ms

Document
text/html

2606:4700:3037::6815:605a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wget.angkapaito.net/result.php
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:605a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2497636d6c13bedc7f466897ad9690fb055dc123f481b599c9e1174a04fb17

Request headers

Referer: https://raja.hoki2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ace0ee28b7c35d-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUUe3sh0PedT3zeT8s2ez2tYDitOQ9tG9a3SfdAQ96CZbKKpMveyoK47V2OiBdyX3fLuXgUibXR8ZsmBoZdQHC2ZGtn2O03KGchLr%2BeAQlXfigjBsdWN1A9%2B08y2XrYzX7NeS69AT7SHHzWuw626qkoR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ace0ed4a37422d-EWR
content-type: text/html
date: Thu, 25 Jan 2024 01:52:45 GMT
location: https://wget.angkapaito.net/result.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNQe7zu8Cnuyo0SA%2FRtM%2FhQCPSyfVkaUkLuiFTclk6nEe2eEV38QZUBxmCYSxG8TykGm3405WOr10WaSKmeVuDyOpPs7kSoXvaVbPRUGxT47IieL8NQpGIkEV%2FS8k9n4VzY2VBEYe7FJ2CG3vjOWWsZTW30%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

/
bolo.treksantuy.xyz/ Frame 760A
Redirect Chain

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg
https://bolo.treksantuy.xyz/

0
0

801ms
800ms

Image
text/html

2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H3
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Thu, 25 Jan 2024 01:52:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7FKGKY4cax%2FiXWRZVdooOzhJINNyNbyalfNfpdCKvIdvpcWX1I028ltaBusFkn5kjKNQxeANUqqlDAXotgDOdl0k35Cka7qp%2BmhM2F0RTIsfP1PAmeFhI5Dbl5j%2FlnJIBgS64wKZkCsTCUovfrchA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://bolo.treksantuy.xyz
cache-control: max-age=3600
cf-ray: 84ace0ed4d0543c3-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 02:52:45 GMT

GET
H3 200 unnamed.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 760A 250 KB
250 KB 1591ms
1585ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5ce581a1bb3ae65bd553d034f9d5973dd8af7f856d2bd5efa095ed41cee7f949

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 23 np
date: Thu, 25 Jan 2024 01:52:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:44:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 256150
expires: Thu, 15 Feb 2024 13:06:36 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 760A 11 KB
5 KB 87ms
78ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68102
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace0ed4b6841cd-EWR
content-length: 4547

GET
DATA 200
OK truncated
/ Frame 760A 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame 73D3 19 KB
9 KB 70ms
69ms Script
text/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:45 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame BBD3 41 B
465 B 66ms
65ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: c76620cbca3408b460b44d17494eaacdb69f791771e952d0d55ac969d3e9a390

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:45 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://rtx.dudasoleh.lol
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

GET
H3 200 0.png
zona-bermain.com/script/ Frame EE5D 25 KB
25 KB 617ms
609ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame EE5D 25 KB
25 KB 616ms
608ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame EE5D 25 KB
25 KB 545ms
537ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame EE5D 25 KB
25 KB 655ms
646ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame EE5D 25 KB
25 KB 646ms
638ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame EE5D 24 KB
25 KB 583ms
575ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame EE5D 25 KB
25 KB 583ms
575ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame EE5D 25 KB
25 KB 613ms
606ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Thu, 01 Feb 2024 01:52:45 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame EE5D 11 KB
4 KB 88ms
78ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68102
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace0ee2c5641cd-EWR
content-length: 4547

GET
H2 200 poltar.php Show response
kaptenoleng.com/ Frame B412 10 KB
3 KB 1661ms
550ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:47 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame C0DA 766 B
1 KB 89ms
82ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387455
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 7-Pep6IIP0gOL68vtFWPovpjv9f2Ooi3sRu23LuNbHmzDhVkLwJa8A==

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame EE5D 75 KB
76 KB 104ms
104ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
cdn-cachedat: 10/31/2023 19:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: abb9454d3c41a2f5bde30211edf852c6
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84ace0ee3a9e43f8-EWR
cdn-requestpullsuccess: True

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 2414 2 KB
2 KB 80ms
64ms Script
application/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6337282638888788&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Thu, 25 Jan 2024 02:52:45 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 2414 42 B
265 B 83ms
67ms Image
image/gif 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fking.laskar2d.xyz%2F&event_source=dtscout&rnd=0.6337282638888788&exptid=ZHgABGWxvucAAAAJA0UvAw%3D%3D&fcmp=false

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:45 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 2414 50 B
455 B 98ms
78ms Fetch
application/json 52.84.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.18.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-18-2.ord53.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:45 GMT
via: 1.1 f4f803a07c00c28a23ae0722c6c0389a.cloudfront.net (CloudFront), 1.1 b355b23fdbed3c58c37ede4924bc4602.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P2, ORD53-C2
x-amzn-requestid: 85d33edb-d1bb-43ec-adfd-211130478566
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SErFOEmzCYcEBnw=
content-length: 50
x-amz-cf-id: Tgq4yIrTc-pSNWlN8OAN3rBRp6_cQDaBkIeJf-W1aOFlUwf-DxoHew==

GET
H3

200

/ Show response
zona-bermain.com/pola-dasar/ Frame A16B
Redirect Chain

https://zona-bermain.com/pola-dasar
https://zona-bermain.com/pola-dasar/

114 KB
21 KB

491ms
489ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/pola-dasar/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

1d98776dd4a4e09265a41eb51d98cb24802b57c060c03ff1e7229a0c84ea496a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:47 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/193>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=193>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:46 GMT
location: https://zona-bermain.com/pola-dasar/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H/1.1 200
OK 4797259.php Show response
s4.histats.com/stats/ Frame 760A 434 B
569 B 302ms
131ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4797259.php?4797259&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mHOKI2D%20%E2%80%93%20PREDIKSI%20ANGKA%20JITU%20WLA%20HARI%20INI&@n0&@ohttps%3A%2F%2Frtx.dudasoleh.lol%2F&@q0&@r0&@s3021&@ten-US&@u1600&@b1:90830990&@b3:1706147566&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fraja.hoki2d.xyz%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 44f31e13bd49b6ea3d2212c98d2b8382c95b57005996e3a5582d748da177284a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:46 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H2

200

turn_sync.xgi
x.dlx.addthis.com/e/ Frame D5AB
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=44126
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=b6ed657b7558e2ab9f72bb77bb3d8d44
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NDg4NjUvdC8y/dpuid/2024012501524400061385747456/url/https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fturn_sync.xgi%3Fna_exid%3D%24!%7BTURN_UUID%7D
https://x.dlx.addthis.com/e/turn_sync.xgi?na_exid=8807815104210564113

43 B
182 B

140ms
95ms

Image
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/turn_sync.xgi?na_exid=8807815104210564113

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Server

104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-185.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 25 Jan 2024 01:52:47 GMT
pragma: no-cache
date: Thu, 25 Jan 2024 01:52:47 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/turn_sync.xgi?na_exid=8807815104210564113
pragma: no-cache
date: Thu, 25 Jan 2024 01:52:46 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame D539 85 B
463 B 89ms
71ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://bolo.treksantuy.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725942
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: ji2dawlcP2T2tBrR5Ns7FJPQXnbo5HUA_hi90GKgLxGW6P9BQg9boQ==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2

200

turn_sync.xgi
x.dlx.addthis.com/e/ Frame 56C5
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=73304
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=b6ed657b7558e2ab9f72bb77bb3d8d44
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NDg4NjUvdC8y/dpuid/2024012501524400061385747456/url/https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fturn_sync.xgi%3Fna_exid%3D%24!%7BTURN_UUID%7D
https://x.dlx.addthis.com/e/turn_sync.xgi?na_exid=2466746828872905745

43 B
182 B

185ms
140ms

Image
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/turn_sync.xgi?na_exid=2466746828872905745

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Server

104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-185.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 25 Jan 2024 01:52:47 GMT
pragma: no-cache
date: Thu, 25 Jan 2024 01:52:47 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/turn_sync.xgi?na_exid=2466746828872905745
pragma: no-cache
date: Thu, 25 Jan 2024 01:52:46 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 9800 85 B
464 B 112ms
96ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://king.laskar2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725942
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: uKXi2KA4gASBx7OBQDEHyANS76uZl_3BD4chct3RCJpGA0ilOw33vg==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 73D3 0
289 B 67ms
60ms Image
text/plain 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHgABGWxvucAAAAJA0UvAw%253D%253D&tt=t.dhj&dhjLcy=1706147564469&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=bolo.treksantuy.xyz&pn=%2F&qs=na&cc=US&cont=NA&evid=4JdU-0YAr3t8F9abbf6w&urls=&rnd=1706147566202&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=436&bcnLcy=403

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 25 Jan 2024 01:52:46 GMT

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame EE5D 438 B
573 B 304ms
114ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20BERMAIN%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fmarkas-prediktor.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-36408256&@b3:1706147566&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: be5544e19bd8ef5503e46a466cb1f233e358f806119ff1c2a1cb884d1503455c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:46 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame E0FF 2 KB
1 KB 74ms
51ms Document
text/html 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6337282638888788&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://markas-prediktor.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Thu, 25 Jan 2024 01:52:46 GMT
Expires: Thu, 01 Feb 2024 01:52:46 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame D539 766 B
1 KB 69ms
34ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387456
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: XKgWTHp42fvheHBCBw1GAVRpVG0-TjOQSegv1SWGdwJ8gd6uWlTTkQ==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 2414 5 KB
2 KB 76ms
67ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 284
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: oIa-RRj7ivlkPzLs-14VowSGdrjJOEH8G5qxSnsPUN-AN1wNSOIT8w==

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame EE5D 18 KB
5 KB 288ms
284ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:46 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Thu, 01 Feb 2024 01:52:46 GMT

GET
H2 200 cc_3021.js Show response
s10.histats.com/counters/ Frame 760A 18 KB
8 KB 77ms
64ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3021.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d310891fe2f1cfd19e14cc4e74f47ae90b95a9f981ff5e8d5d9ad15bd825448

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 41421
etag: "-1322903896"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace0f40b1041cd-EWR
content-length: 7783

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 760A 7 KB
3 KB 281ms
270ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fraja.hoki2d.xyz%2F&j=https%3A%2F%2Frtx.dudasoleh.lol%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4797259.php?4797259&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mHOKI2D%20%E2%80%93%20PREDIKSI%20ANGKA%20JITU%20WLA%20HARI%20INI&@n0&@ohttps%3A%2F%2Frtx.dudasoleh.lol%2F&@q0&@r0&@s3021&@ten-US&@u1600&@b1:90830990&@b3:1706147566&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fraja.hoki2d.xyz%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 503dbebf746b08ab2fadbda645ed92ac9f21901f4979007743a235c9961afe7b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:46 GMT
x-t: 0.24
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZoZyx%2Bsz8hKz9n8a%2BuuWA3Ae5z%2BscMwGv0I6awPgnbZSyxHi6S4ckezZ8XaT9U395uq%2BF66Jt%2BU2ASb9170NA8SzBdgHKLn86do7e8G3WbXeLr1m49Ymq4zue%2Fi7ZIYTjWvUMNr5dCzNQc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace0f408798c15-EWR
expires: Thu, 25 Jan 2024 01:52:45 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame BBD3 43 B
177 B 106ms
103ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:46 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame EE5D 13 KB
4 KB 88ms
76ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 52233
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace0f45b6e41cd-EWR
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame EE5D 7 KB
3 KB 227ms
215ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2F&j=https%3A%2F%2Fmarkas-prediktor.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20BERMAIN%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fmarkas-prediktor.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-36408256&@b3:1706147566&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb0cf69cc1d941b0d4c565d0e364b60692b498d3f80d71388f6fc363dd0a8a1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:46 GMT
x-t: 0.238
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woyma%2Bg1lF3495eL8S%2FHyVJGSXfVVZazHxtuPiFeaAz6K3SzKh7zndypYwh69zX%2F5aYRr8J%2FoBwMvBIfr8JJnVH2KW%2FOSKa8HwsDnBwbwxoNDNQji4efBCdMPBldk9xYYgLmrNzTSRFrcVM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace0f468f38c15-EWR
expires: Thu, 25 Jan 2024 01:52:45 GMT

GET
H3 200 wp-emoji-release.min.js Show response
raja.hoki2d.xyz/wp-includes/js/ Frame 760A 18 KB
5 KB 649ms
644ms Script
application/javascript 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Feb 2023 12:53:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OvtpWq6KBcAgYcPdGLuRtXf3dVlM7A%2BmjdIRafN0Q05TxY18WXzA8maGolI4Ivd%2BS3O%2FunrHrw6BJTytLnsG%2FUmJGnGXGcmL9krzpXQ4f6OaNXyDoCFqqAIpQahn7y%2FerG4BpfWDrmkTk7zc84%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84ace0f45b6c0f9c-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 01:52:46 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 9800 766 B
1 KB 69ms
66ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387456
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: dc68rYKLDQF1yUIUKOPfWAFjiIVSZB291kTeFHZAimywdQ3BFko7lQ==

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame 0EC7 19 KB
9 KB 59ms
51ms Script
text/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:47 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Thu, 01 Feb 2024 01:52:47 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=IDEQiSZHoL1tX3WzRa2vaD_p/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://ce.lijit.com/merge?pid=5001&3pid=cf48f38f57b5afc8f1fef27f7cc9f596

43 B
1 KB

41ms
40ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=cf48f38f57b5afc8f1fef27f7cc9f596
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:47 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:47 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=cf48f38f57b5afc8f1fef27f7cc9f596
cache-control: no-cache
x-server: 10.40.1.193
content-length: 0
expires: 0

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 2414 41 B
469 B 44ms
39ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: c76620cbca3408b460b44d17494eaacdb69f791771e952d0d55ac969d3e9a390

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:47 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://markas-prediktor.info
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

GET
DATA 200
OK truncated
/ Frame 760A 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a781450129f4a3dbafcfe62558de75c582c35f1a3f44a6a3603d30175b7b0bf

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 760A 0
436 B 87ms
73ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fraja.hoki2d.xyz%2F&r=https%3A%2F%2Frtx.dudasoleh.lol%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fraja.hoki2d.xyz%2F&j=https%3A%2F%2Frtx.dudasoleh.lol%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:47 GMT
x-t: 4.2
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V95ACUiN0fh6uLjWXn6NhvwaY4IDfpRZsKo%2FlACLE4qcdV2A4hzm5aIOdwUBRbPIkQ2O8YsO626fhNHnQnZm7BLLrGJVdvYB0HRT2VEC1x1NIexaKMheA0I1MSr7IfvQyZ9tV4eJ5BbnKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 84ace0f768dfc32b-EWR
expires: Wed, 24 Jan 2024 23:32:32 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 760A 33 KB
11 KB 76ms
63ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fraja.hoki2d.xyz%2F&j=https%3A%2F%2Frtx.dudasoleh.lol%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70522
x-amz-cf-id: ip5T_hjHuwRLQ7IuDzzZosgia6plLZKd6SlsUyvyYZk0JRysn1fdcQ==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 760A 2 KB
3 KB 68ms
62ms Script
application/javascript 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fraja.hoki2d.xyz%2F&j=https%3A%2F%2Frtx.dudasoleh.lol%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

e049b42df046beda51f4dd4bd24484e0f94e12e60e2a419e48cf33dcc442c1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:47 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 760A 51 B
388 B 233ms
210ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=raja.hoki2d.xyz&_ss=8eckeh1smm&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=5yh4&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fraja.hoki2d.xyz%2F&j=https%3A%2F%2Frtx.dudasoleh.lol%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30fd611e6fd3f2dda62a5bb94179dc595dd6f318660f5c11255af686c9509827

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:47 GMT
x-t: 0.115
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iP0mWwy1uO03jl7Q66PUMwTdAs6bUT896IlJfsB%2B8EtqiZL3pB1y5ocbCyCbqKt9GgbXEWaOKn6BeO2x%2Fg4aqGDAhevHTS%2FkuJ1QfNqoUvhRmf6jQ%2Bx0VTjMvPjLlokpBeQnGQGgqWcntug%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace0f76d288c15-EWR
expires: Thu, 25 Jan 2024 01:52:46 GMT

GET
H2 200 tpid=51A0170614755864712164A73D22398F
bcp.crwdcntrl.net/5/c=3825/tp=DTSC/ Frame 760A 49 B
365 B 69ms
46ms Image
image/gif 34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=51A0170614755864712164A73D22398F
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:47 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.15.3
content-length: 49
expires: 0

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 760A 35 B
248 B 114ms
112ms Image
image/gif 141.94.171.212
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=51A0170614755864712164A73D22398F
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.212 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-4.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame EE5D 58 KB
18 KB 72ms
59ms Script
text/javascript 108.156.91.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2F&j=https%3A%2F%2Fmarkas-prediktor.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.91.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-91-83.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 00:33:31 GMT
content-encoding: gzip
via: 1.1 9d71affbaf22baf23eab459f3d2ee77a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P1
age: 44657
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: jW5jZouZ-Yh2g7pkFkA6Dfvs2eA-Wz0gPjf7-oMTIqGi8yfl_0eoWw==

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame EE5D 35 B
248 B 209ms
110ms Image
image/gif 141.94.171.212
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=51A0170614755864712164A73D22398F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2F&j=https%3A%2F%2Fmarkas-prediktor.info%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.212 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-4.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame EE5D 0
538 B 136ms
125ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2F&r=https%3A%2F%2Fmarkas-prediktor.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2F&j=https%3A%2F%2Fmarkas-prediktor.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:47 GMT
x-t: 1.13
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsJUcSP%2BRRW5SbJf9%2FfiA76ke1L2lm6BF8rWhIKdybLRcYXW9AyjlFC%2Fh1VyYeAFKaZTL6PQt8FyEGcGxKsRg6NN6pygYk5mZYmL%2F3W9jtcfI7eskIOG6wt9cQs4jVbPJuh%2Bx1hlPU%2F1zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web3.ny1.dtscdn.com
cf-ray: 84ace0f7990ec32b-EWR
expires: Thu, 25 Jan 2024 01:46:40 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame EE5D 33 KB
11 KB 70ms
60ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2F&j=https%3A%2F%2Fmarkas-prediktor.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70522
x-amz-cf-id: uAmda1fdapu9ZcrUaM0vZxlMIo6wRAKoRZdAj9ttFn-7-ehrz4TV2Q==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame EE5D 2 KB
3 KB 57ms
53ms Script
application/javascript 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2F&j=https%3A%2F%2Fmarkas-prediktor.info%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

e049b42df046beda51f4dd4bd24484e0f94e12e60e2a419e48cf33dcc442c1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:47 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame EE5D 51 B
340 B 227ms
223ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=5iljgda8np&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=7cry&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2F&j=https%3A%2F%2Fmarkas-prediktor.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b61e7247eece2e31587588e19c5517d731ee6b484fa3cef94ccf0503c817a0f4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:47 GMT
x-t: 0.119
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fS5JAqzBao%2B55KRMW5MINsD9MrVxKBdQTkvsEKgNqw4xp5RsID9tpb1J1%2B%2BQMDnnt3ypxgJrvn7kslWi28TfpY%2BcCsFmZ6WmqYpuatoaR6k%2BwKg1Gz8xV57QP7xNTd1U3%2Fti3hzjEQb%2FhyY%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace0f79d4e8c15-EWR
expires: Thu, 25 Jan 2024 01:52:46 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 3F6B 0
0 110ms
104ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=46479
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://rtx.dudasoleh.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:52:47 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: i8MdGvBAWGEiM7EpKi5fB39eYErFY5_mSrbL1b-AaXKHmUuOYELTsw==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame A16B 107 KB
13 KB 328ms
317ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:47 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Thu, 01 Feb 2024 01:52:47 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame A16B 227 B
271 B 351ms
341ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:47 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Thu, 01 Feb 2024 01:52:47 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame A16B 2 KB
374 B 352ms
342ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:47 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Thu, 01 Feb 2024 01:52:47 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame A16B 28 KB
8 KB 354ms
344ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:47 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Thu, 01 Feb 2024 01:52:47 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame A16B 3 KB
827 B 350ms
340ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:47 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Thu, 01 Feb 2024 01:52:47 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame A16B 86 KB
29 KB 384ms
374ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:47 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Thu, 01 Feb 2024 01:52:47 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame A16B 13 KB
5 KB 380ms
369ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:47 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Thu, 01 Feb 2024 01:52:47 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame A16B 157 KB
26 KB 59ms
48ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:47 GMT
x-content-type-options: nosniff
content-encoding: br
age: 26461281
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame A16B 30 KB
7 KB 74ms
63ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 4894927
cdn-cachedat: 10/31/2023 18:48:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9e61a4e37a75208649ae6b63a0cb4f72
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84ace0fa0b4d423a-EWR
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame A16B 21 KB
8 KB 71ms
61ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:47 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11977773
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame A16B 62 KB
16 KB 72ms
62ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:47 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7948455
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-etou8220064-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 404 jquery-1.10.2.min.js
zona-bermain.com/js/ Frame A16B 0
0 504ms
494ms Script
text/html 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/js/jquery-1.10.2.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:47 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
server: LiteSpeed
x-powered-by: PHP/8.2.14
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame A16B 25 KB
25 KB 313ms
302ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:47 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Thu, 01 Feb 2024 01:52:47 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame A16B 25 KB
25 KB 379ms
369ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:47 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Thu, 01 Feb 2024 01:52:47 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame A16B 25 KB
25 KB 300ms
286ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:48 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Thu, 01 Feb 2024 01:52:48 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame A16B 25 KB
25 KB 302ms
295ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:48 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Thu, 01 Feb 2024 01:52:48 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame A16B 24 KB
24 KB 302ms
297ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:48 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Thu, 01 Feb 2024 01:52:48 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame A16B 25 KB
25 KB 309ms
304ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:48 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Thu, 01 Feb 2024 01:52:48 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame A16B 24 KB
24 KB 361ms
356ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:48 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Thu, 01 Feb 2024 01:52:48 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame A16B 25 KB
25 KB 365ms
360ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:48 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Thu, 01 Feb 2024 01:52:48 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame A16B 25 KB
25 KB 377ms
373ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:48 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Thu, 01 Feb 2024 01:52:48 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame A16B 43 B
182 B 213ms
74ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:48 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame A16B 3 KB
1 KB 404ms
401ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:48 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Thu, 01 Feb 2024 01:52:48 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame A16B 8 KB
2 KB 295ms
293ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:48 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Thu, 01 Feb 2024 01:52:48 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame A16B 6 KB
2 KB 337ms
337ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:48 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Thu, 01 Feb 2024 01:52:48 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame A16B 112 KB
34 KB 283ms
280ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:48 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Thu, 01 Feb 2024 01:52:48 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame A16B 4 KB
2 KB 300ms
295ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:48 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Thu, 01 Feb 2024 01:52:48 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 0EC7 0
289 B 92ms
70ms Image
text/plain 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHgABGWxvucAAAAJA0UvAw%253D%253D&tt=t.dhj&dhjLcy=1706147566253&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=king.laskar2d.xyz&pn=%2F&qs=na&cc=US&cont=NA&evid=rjdU-0YAGHurfiYNCuQL&urls=&rnd=1706147567863&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=687&bcnLcy=271

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 25 Jan 2024 01:52:47 GMT

GET
H2 200 bbjs.js Show response
bungaprediction.top/ Frame B412 15 KB
4 KB 1012ms
296ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3247
expires: Thu, 01 Feb 2024 01:52:48 GMT

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 644 B
1 KB 56ms
52ms Script
application/javascript 34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash: 8a5dffbb0044ab076ecd87275a5835c9063bd7029bca6c599b4b16380a4812f7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: application/javascript
Date: Thu, 25 Jan 2024 01:52:48 GMT
Content-Length: 644
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

sync
thrtle.com/ Frame BBD3
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=85778
https://he.lijit.com/merge?pid=8100&event_type=email&lc_md5=cbdcc14ccc7e4eab2efafef4f54d3155&lc_sha1=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&lc_sha256=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19...
https://thrtle.com/2002?sha256=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687abd47ae7&md5=cbdcc14ccc7e4eab2efafef4f54d3155&sha1=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68
https://thrtle.com/12?mc=6e41526d-de95-49a1-ac30-86e5faeef8ef&md5=cbdcc14ccc7e4eab2efafef4f54d3155&org_pid=2002&sha1=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&sha256=7856397e163cef2017d0ae8b2607da2d...
https://thrtle.com/sync?vxii_pid=12&dt=1706147568&vxii_rmax=5

43 B
548 B

57ms
53ms

Image
image/gif

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=12&dt=1706147568&vxii_rmax=5
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Thu, 25 Jan 2024 01:52:48 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://thrtle.com/sync?vxii_pid=12&dt=1706147568&vxii_rmax=5
date: Thu, 25 Jan 2024 01:52:48 GMT
content-type: text/html; charset=utf-8
content-length: 92
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 2414 43 B
177 B 59ms
58ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:48 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2

200

sync
thrtle.com/ Frame D5AB
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
https://thrtle.com/sync?_reach=1&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p&vxii_pid=12&vxii_pid1=7002&vxii_rcid=03f3630b-90a5-4afc-962f-0e2006ab38df&vxii_rmax=1
https://match.prod.bidr.io/cookie-sync/throtle?
https://match.prod.bidr.io/cookie-sync/throtle?_bee_ppp=1
https://thrtle.com/sync?vxii_pdid=AACipU7LY34AABLeucDDpQ&vxii_pid=5037&_t=1706147569.3243139
https://loadm.exelator.com/load/?p=204&g=1133&j=0
https://loadm.exelator.com/load/?p=204&g=1133&j=0&xl8blockcheck=1
https://thrtle.com/sync?vxii_pid=5007&vxii_pdid=bf59567db7ef986f726c91f902181978

43 B
540 B

58ms
18ms

Image
image/gif

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5007&vxii_pdid=bf59567db7ef986f726c91f902181978
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Thu, 25 Jan 2024 01:52:49 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Thu, 25 Jan 2024 01:52:49 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://thrtle.com/sync?vxii_pid=5007&vxii_pdid=bf59567db7ef986f726c91f902181978
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 760A 2 KB
2 KB 34ms
32ms Script
application/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.28477734559540124&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Thu, 25 Jan 2024 02:52:48 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 760A 42 B
265 B 53ms
51ms Image
image/gif 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Frtx.dudasoleh.lol%2F&event_source=dtscout&rnd=0.28477734559540124&exptid=ZHgABGWxvucAAAAJA0UvAw%3D%3D&fcmp=false

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:48 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 760A 50 B
455 B 117ms
92ms Fetch
application/json 52.84.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.18.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-18-2.ord53.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:48 GMT
via: 1.1 f81ddd3d706425245c1c9b0c3055c8b2.cloudfront.net (CloudFront), 1.1 b355b23fdbed3c58c37ede4924bc4602.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P2, ORD53-C2
x-amzn-requestid: 4fc8f44e-2399-4e8a-9ded-28823664203e
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SErFoHqGiYcEBYw=
content-length: 50
x-amz-cf-id: fOHWihWb9ZJvwn-JU1pR0emDrWUq_w0Bq10GhDaTA52qO4wYj0O9Dw==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame EE5D 2 KB
2 KB 51ms
39ms Script
application/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6470961434834199&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Thu, 25 Jan 2024 02:52:48 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame EE5D 42 B
265 B 64ms
55ms Image
image/gif 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmarkas-prediktor.info%2F&event_source=dtscout&rnd=0.6470961434834199&exptid=ZHgABGWxvucAAAAJA0UvAw%3D%3D&fcmp=false

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:48 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame EE5D 50 B
454 B 119ms
103ms Fetch
application/json 52.84.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.18.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-18-2.ord53.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:48 GMT
via: 1.1 d6d2c99e22fa470e01c3d422bed2160e.cloudfront.net (CloudFront), 1.1 b355b23fdbed3c58c37ede4924bc4602.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P2, ORD53-C2
x-amzn-requestid: 1e5f8f58-43ab-412d-8907-66c1f70bae9f
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SErFpEPiCYcEcqw=
content-length: 50
x-amz-cf-id: D10rrtbdEVNRcO9Sv8aIYJr23exMUDCe7n6bZHZnyPesK7MikwOf4g==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame A16B 11 KB
5 KB 71ms
70ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68105
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace0ffeab241cd-EWR
content-length: 4547

GET
H2 200 poltar.php Show response
kaptenoleng.com/ Frame B322 10 KB
2 KB 287ms
281ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:48 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame A16B 75 KB
76 KB 66ms
65ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
age: 3
cdn-cachedat: 10/31/2023 19:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: abb9454d3c41a2f5bde30211edf852c6
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84ace0fffa0843f8-EWR
cdn-requestpullsuccess: True

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=ad295b94-2022-4a08-8e14-97c9109b6633&bid=1e2n4ou

70 B
440 B

71ms
70ms

Image
image/gif

34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=ad295b94-2022-4a08-8e14-97c9109b6633&bid=1e2n4ou
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 25 Jan 2024 01:52:48 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?uid=ad295b94-2022-4a08-8e14-97c9109b6633&bid=1e2n4ou
date: Thu, 25 Jan 2024 01:52:48 GMT
server: Kestrel
content-length: 191

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=Eyeot
https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-eKKPNJFE2pVTwQQgdMw8w6qgwNCdKmCOPxM-~A

70 B
440 B

34ms
34ms

Image
image/gif

34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-eKKPNJFE2pVTwQQgdMw8w6qgwNCdKmCOPxM-~A
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 25 Jan 2024 01:52:49 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-eKKPNJFE2pVTwQQgdMw8w6qgwNCdKmCOPxM-~A
date: Thu, 25 Jan 2024 01:52:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u&_test=ZbG_8AARAHb41ABH
https://ps.eyeota.net/match?uid=ZbG_8AARAHb41ABH&bid=0rijhbu&referrer_pid=51md42u&_test=ZbG_8AARAHb41ABH

70 B
440 B

98ms
45ms

Image
image/gif

34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=ZbG_8AARAHb41ABH&bid=0rijhbu&referrer_pid=51md42u&_test=ZbG_8AARAHb41ABH
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 25 Jan 2024 01:52:49 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

x-served-by: cache-ewr18154-EWR
pragma: no-cache
date: Thu, 25 Jan 2024 01:52:48 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1706147569.963719,VS0,VE0
x-cache: HIT
location: https://ps.eyeota.net/match?uid=ZbG_8AARAHb41ABH&bid=0rijhbu&referrer_pid=51md42u&_test=ZbG_8AARAHb41ABH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526referrer_pid%253D51md42u
https://ps.eyeota.net/match?uid=6295036647698144493&bid=2cr76e1&referrer_pid=51md42u

70 B
440 B

52ms
50ms

Image
image/gif

34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=6295036647698144493&bid=2cr76e1&referrer_pid=51md42u
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 25 Jan 2024 01:52:49 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:48 GMT
an-x-request-uuid: d499af75-62e1-4091-8748-b56d7679b700
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ps.eyeota.net/match?uid=6295036647698144493&bid=2cr76e1&referrer_pid=51md42u
x-proxy-origin: 206.66.96.82; 206.66.96.82; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

5386
tags.bluekai.com/site/
Redirect Chain

https://tags.bluekai.com/site/39798?limit=1&id=2yJsSDkzPdQYyrd2r0BJlgOkvQ7dBarNh0ZydTtjxWPE
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
https://tags.bluekai.com/site/5386?id=ad295b94-2022-4a08-8e14-97c9109b6633&gdpr=0&gdpr_consent=

62 B
306 B

298ms
297ms

Image
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5386?id=ad295b94-2022-4a08-8e14-97c9109b6633&gdpr=0&gdpr_consent=
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 25 Jan 2024 01:52:49 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/5386?id=ad295b94-2022-4a08-8e14-97c9109b6633&gdpr=0&gdpr_consent=
date: Thu, 25 Jan 2024 01:52:49 GMT
server: Kestrel
content-length: 221

GET
H3

200

/ Show response
zona-bermain.com/prediksi-hongkong/ Frame 46AE
Redirect Chain

https://zona-bermain.com/prediksi-hongkong
https://zona-bermain.com/prediksi-hongkong/

97 KB
20 KB

452ms
450ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/prediksi-hongkong/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

7c2446cc2139ef1ea46d4b52b490f514d6595af37e3caf0e381d82e73ba91b84

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/pola-dasar/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:49 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/57>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=57>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:48 GMT
location: https://zona-bermain.com/prediksi-hongkong/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 50B7 2 KB
1 KB 49ms
48ms Document
text/html 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.28477734559540124&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://raja.hoki2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Thu, 25 Jan 2024 01:52:48 GMT
Expires: Thu, 01 Feb 2024 01:52:48 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 9CE3 2 KB
1 KB 50ms
49ms Document
text/html 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6470961434834199&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Thu, 25 Jan 2024 01:52:48 GMT
Expires: Thu, 01 Feb 2024 01:52:48 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame A16B 438 B
573 B 218ms
54ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPOLA%20DASAR%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:198400409&@b3:1706147569&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fpola-dasar%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: be5544e19bd8ef5503e46a466cb1f233e358f806119ff1c2a1cb884d1503455c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:48 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 760A 5 KB
2 KB 99ms
99ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 286
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: m8Sx080qJfjMVqbGo5g_Gd6ZghAGc3JICMCe6YZXkukWZMLY_ttgaw==

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame 8985 19 KB
9 KB 65ms
65ms Script
text/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:48 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Thu, 01 Feb 2024 01:52:48 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame EE5D 5 KB
2 KB 67ms
67ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 286
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: shq9oNcpk8-fBGsU2qyixC3jpi9js_Ope-Io-AOq8yTd-wlQP76gVg==

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame ED1A 19 KB
9 KB 59ms
57ms Script
text/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:48 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Thu, 01 Feb 2024 01:52:48 GMT

GET
H2 200 bbjs.js Show response
bungaprediction.top/ Frame B322 15 KB
3 KB 462ms
460ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Thu, 01 Feb 2024 01:52:49 GMT

GET
H2

200

sync
thrtle.com/
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
https://match.adsrvr.org/track/cmf/generic?ttd_pid=brgeu23&ttd_tpi=1&TTD_PUID=6e41526d-de95-49a1-ac30-86e5faeef8ef
https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=ad295b94-2022-4a08-8e14-97c9109b6633

43 B
540 B

70ms
69ms

Image
image/gif

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=ad295b94-2022-4a08-8e14-97c9109b6633
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Thu, 25 Jan 2024 01:52:49 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=ad295b94-2022-4a08-8e14-97c9109b6633
date: Thu, 25 Jan 2024 01:52:49 GMT
server: Kestrel
content-length: 199

GET
H2

200

sync
thrtle.com/ Frame 56C5
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
https://match.adsrvr.org/track/cmf/generic?ttd_pid=brgeu23&ttd_tpi=1&TTD_PUID=6e41526d-de95-49a1-ac30-86e5faeef8ef
https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=ad295b94-2022-4a08-8e14-97c9109b6633

43 B
540 B

56ms
54ms

Image
image/gif

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=ad295b94-2022-4a08-8e14-97c9109b6633
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Thu, 25 Jan 2024 01:52:49 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=ad295b94-2022-4a08-8e14-97c9109b6633
date: Thu, 25 Jan 2024 01:52:49 GMT
server: Kestrel
content-length: 199

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame BBD3 0
143 B 154ms
152ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=77539&pu=https://bolo.treksantuy.xyz/
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:48 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: BF2BC29BE76B42E3A724321B35B83C49 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:52:49Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu2/KZu08ls8xYqDO5Q==

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame AE14 0
0 82ms
75ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=4773
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://markas-prediktor.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:52:49 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: mGNmf2-PsL_6WbFf0JXoSkWDBjQ2MiC7HaxdZhaQQHBBt2dX82HtEQ==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 760A 121 B
538 B 34ms
32ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 1a6b459da626bc4487b1b8818c93b2808e3a25388deb43e2ae5bfed6b8ef42f4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://raja.hoki2d.xyz
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 135

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 8985 0
289 B 32ms
31ms Image
text/plain 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHgABGWxvucAAAAJA0UvAw%253D%253D&tt=t.dhj&dhjLcy=1706147568679&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=rtx.dudasoleh.lol&pn=%2F&qs=na&cc=US&cont=NA&evid=z4dU-0YAkKHeEyhruTbV&urls=&rnd=1706147569206&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=289&bcnLcy=622

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 25 Jan 2024 01:52:49 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame EE5D 121 B
539 B 32ms
28ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 1a6b459da626bc4487b1b8818c93b2808e3a25388deb43e2ae5bfed6b8ef42f4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 135

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame ED1A 0
289 B 59ms
57ms Image
text/plain 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHgABGWxvucAAAAJA0UvAw%253D%253D&tt=t.dhj&dhjLcy=1706147568688&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=markas-prediktor.info&pn=%2F&qs=na&cc=US&cont=NA&evid=a5dU-0YA0kzc1LQy5aAe&urls=&rnd=1706147569244&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=421&bcnLcy=622

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 25 Jan 2024 01:52:49 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame A16B 13 KB
4 KB 71ms
70ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 52236
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace103f85441cd-EWR
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame A16B 6 KB
3 KB 243ms
243ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpola-dasar%2F&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPOLA%20DASAR%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:198400409&@b3:1706147569&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fpola-dasar%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc0277a17da34b285d5c6101aef49113849b4f02987b0d5e32a84755d14aedb3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
x-t: 0.215
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1zsE6WxTRXv7EVgzzkSH83fK6scdBjK%2FR54LV3fFW5anBOexXZeY6pBmLbGKRho2Pz8NISGWeuGlDgkE20enYKKMvMLmIAjyvKV8aIYNu881O367qqzYzOWqjkrQuWv03rTIYE%2BlDHo%2F1A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace103fcf08c15-EWR
expires: Thu, 25 Jan 2024 01:52:48 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame B412 11 KB
5 KB 67ms
67ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68106
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace103f85641cd-EWR
content-length: 4547

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame A16B 18 KB
5 KB 265ms
265ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/pola-dasar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Thu, 01 Feb 2024 01:52:49 GMT

GET
H/1.1 200
OK sovrn_standalone_beacon.js Show response
ap.lijit.com/www/sovrn_beacon_standalone/ 9 KB
4 KB 39ms
39ms Script
text/javascript 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: nginx /
Resource Hash: b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2023 16:20:24 GMT
Server: nginx
ETag: W/"64c7df48-22bf"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 25 Jan 2024 02:52:49 GMT

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame B412 436 B
571 B 128ms
32ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:150836458&@b3:1706147570&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 78e7ba30ff35404718abeb4390531a4f5c771ef6ab4ca7b28df072e62149678f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:49 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame B322 11 KB
4 KB 82ms
81ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68106
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace105da8441cd-EWR
content-length: 4547

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame A16B 0
463 B 63ms
60ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fpola-dasar%2F&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpola-dasar%2F&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
x-t: 0.96
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VZS1V7tGUC6qj63QGMf%2F%2F0N%2F7ABXFvmvJb%2FoNaadQ5grPQ%2F3htW44IUCGChtjfxOeOzUF74keUepVR3V7gt0KiYNBXKa%2Fc%2FlL0GlHksd%2FtwhvjlknrSg1Z5iJDyTeYPdWb8KaVxEWk2Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 84ace105d86ec32b-EWR
expires: Wed, 24 Jan 2024 23:32:34 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame A16B 33 KB
11 KB 149ms
146ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpola-dasar%2F&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70524
x-amz-cf-id: j3-iRW4Uwcm1JObffAiBLOFjzyjD6nDNyS-9szBAt7Fx0lG1O8f7XQ==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame A16B 2 KB
3 KB 57ms
55ms Script
application/javascript 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpola-dasar%2F&j=https%3A%2F%2Fzona-bermain.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

e049b42df046beda51f4dd4bd24484e0f94e12e60e2a419e48cf33dcc442c1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame A16B 0
302 B 229ms
228ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=5iljgda8np&_pv=2&_ls=2&_cc=us&_pl=d&_b=chrome%40120&_cbid=6wlf&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpola-dasar%2F&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
x-t: 0.11
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCMrFglOs%2BvUQ3bqyfybMAaGa9BIuAYiCOQ%2B%2BNi07LbUvleNP%2BS9fNBfhElcYwl4U7eDHCLZigtmA4K785hsRNu2olFzAE1UKUf6DbEHJA%2FAomibcdfTiiZZ7SxiY9oXPKLClctzVhBAECI%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace105df788c15-EWR
expires: Thu, 25 Jan 2024 01:52:48 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame A16B 230 B
530 B 50ms
49ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:52:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame A16B 231 B
531 B 50ms
49ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:52:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame BBD3
Redirect Chain

https://um.simpli.fi/lj_match?r=89471
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

57ms
39ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:49 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:52:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:52:49 GMT

GET

/
p.adsymptotic.com/d/px/ Frame 2414
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=86126
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=d0ebd870e62417c041b1cfaabc5fab5b
https://i.liadm.com/s/29307?bidder_id=79701&bidder_uuid=2024012501524400061385747456&cb=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fli_sync.xgi%3Fna_exid%3D%7BLIDIDOREMPTY%7D
https://pippio.com/api/sync?pid=710914&_=5&it=4&iv=cbdcc14ccc7e4eab2efafef4f54d3155&it=4&iv=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&it=4&iv=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687...
https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=06725200

0
0

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 46AE 107 KB
13 KB 296ms
294ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Thu, 01 Feb 2024 01:52:49 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 46AE 227 B
271 B 290ms
286ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Thu, 01 Feb 2024 01:52:49 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 46AE 2 KB
374 B 291ms
287ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Thu, 01 Feb 2024 01:52:49 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 46AE 28 KB
8 KB 296ms
292ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Thu, 01 Feb 2024 01:52:49 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 46AE 3 KB
827 B 291ms
288ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Thu, 01 Feb 2024 01:52:49 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 46AE 86 KB
29 KB 295ms
292ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Thu, 01 Feb 2024 01:52:49 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 46AE 13 KB
5 KB 296ms
293ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Thu, 01 Feb 2024 01:52:49 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 46AE 157 KB
26 KB 56ms
53ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 26461283
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 46AE 30 KB
7 KB 71ms
68ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 4894929
cdn-cachedat: 10/31/2023 18:48:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9e61a4e37a75208649ae6b63a0cb4f72
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84ace10709fb423a-EWR
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 46AE 21 KB
8 KB 58ms
56ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11977775
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 46AE 62 KB
16 KB 60ms
58ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7948457
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-etou8220064-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 0.png
zona-bermain.com/script/ Frame 46AE 25 KB
25 KB 300ms
297ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Thu, 01 Feb 2024 01:52:49 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 46AE 25 KB
25 KB 300ms
298ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Thu, 01 Feb 2024 01:52:49 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 46AE 25 KB
25 KB 275ms
250ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Thu, 01 Feb 2024 01:52:50 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 46AE 25 KB
25 KB 305ms
280ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Thu, 01 Feb 2024 01:52:50 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame 46AE 24 KB
24 KB 350ms
337ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Thu, 01 Feb 2024 01:52:50 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 46AE 25 KB
25 KB 379ms
367ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Thu, 01 Feb 2024 01:52:50 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 46AE 24 KB
24 KB 379ms
366ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Thu, 01 Feb 2024 01:52:50 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 46AE 25 KB
25 KB 379ms
367ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Thu, 01 Feb 2024 01:52:50 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 46AE 25 KB
25 KB 380ms
367ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Thu, 01 Feb 2024 01:52:50 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 46AE 43 B
182 B 214ms
82ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:50 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 46AE 3 KB
1 KB 367ms
346ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Thu, 01 Feb 2024 01:52:50 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 46AE 8 KB
2 KB 322ms
301ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Thu, 01 Feb 2024 01:52:50 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 46AE 6 KB
2 KB 353ms
332ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Thu, 01 Feb 2024 01:52:50 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 46AE 112 KB
34 KB 354ms
334ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Thu, 01 Feb 2024 01:52:50 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 46AE 4 KB
2 KB 352ms
333ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Thu, 01 Feb 2024 01:52:50 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame A16B 2 KB
2 KB 38ms
26ms Script
application/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.1315533026736393&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Thu, 25 Jan 2024 02:52:49 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame A16B 42 B
265 B 55ms
44ms Image
image/gif 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fzona-bermain.com%2F&event_source=dtscout&rnd=0.1315533026736393&exptid=ZHgABGWxvucAAAAJA0UvAw%3D%3D&fcmp=false

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame B322 436 B
571 B 231ms
48ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-70231191&@b3:1706147570&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 78e7ba30ff35404718abeb4390531a4f5c771ef6ab4ca7b28df072e62149678f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:50 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame B412 22 KB
12 KB 66ms
51ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 28779
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace107cc8741cd-EWR
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame B412 6 KB
3 KB 222ms
206ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:150836458&@b3:1706147570&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde249f74452af2530b578d83d5bc26a4d1f62030baf5465ceeb2d783754771b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
x-t: 0.22
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vHZWDRPe9MuM%2BFM2hh8G6KsO%2BymfVd5n3E%2Fr%2FsB65qhPIIVGIdTG7W%2F4yyn2exqoE1HIngF0TliXb6BpJTX7NhBOnP5jTiNXYqq9fT4jq2oIEq%2FF%2B8vf5BJwMFaKL1OCpMYkBvsAtjDQI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace107c9d68c15-EWR
expires: Thu, 25 Jan 2024 01:52:49 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame A16B 5 KB
2 KB 54ms
41ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 287
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: L5pVify3n8jIoOszNcrp4tGJ3gcFw71yUicj7f4cD46bftKTdTlVoA==

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame BED9 2 KB
1 KB 41ms
39ms Document
text/html 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.1315533026736393&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Thu, 25 Jan 2024 01:52:49 GMT
Expires: Thu, 01 Feb 2024 01:52:49 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame A16B 167 B
580 B 82ms
52ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 760A 43 B
177 B 116ms
98ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:50 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame EE5D 43 B
177 B 57ms
39ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:50 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame FDC3 19 KB
9 KB 59ms
47ms Script
text/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:50 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Thu, 01 Feb 2024 01:52:50 GMT

GET
H3

200

ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame BBD3
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=91029
https://he.lijit.com/merge?pid=8100&event_type=email&lc_md5=b6ed657b7558e2ab9f72bb77bb3d8d44&lc_sha1=812703517bb6d912793822680b5e31867ce79140&lc_sha256=803b686e37528aed10c208d7a2f83fbfc648606e06783...
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=2&mi=10&dpi=174445236&pt=1&dpn=2247&dpt=b6ed657b7558e2ab9f72bb77bb3d8d44&pt=1&dpn=2248&dpt=812703517bb6d912793822680b5e31867ce79140...
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=2&mi=10&dpi=174445236&pt=1&dpn=2247&dpt=b6ed657b7558e2ab9f72bb77bb3d8d44&pt=1&dpn=2248&dpt=812703517bb6d912793822680b5e31867ce79140...

43 B
942 B

123ms
92ms

Image
image/gif

18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=2&mi=10&dpi=174445236&pt=1&dpn=2247&dpt=b6ed657b7558e2ab9f72bb77bb3d8d44&pt=1&dpn=2248&dpt=812703517bb6d912793822680b5e31867ce79140&pt=1&dpn=2270&dpt=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af1f6ac5e4&pcid=IDEQiSZHoL1tX3WzRa2vaD_p&ckls=true&ci=9amzqQ78cl&nc=false&trid=6f344821-23dc-4cac-95b3-36d7e0b4cd03
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:50 GMT
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: SaDCB2C0G3VydkfMTRRzibkpzzsaRb23w1RjVq4iGDmTaag2DzdECA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:50 GMT
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=2&mi=10&dpi=174445236&pt=1&dpn=2247&dpt=b6ed657b7558e2ab9f72bb77bb3d8d44&pt=1&dpn=2248&dpt=812703517bb6d912793822680b5e31867ce79140&pt=1&dpn=2270&dpt=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af1f6ac5e4&pcid=IDEQiSZHoL1tX3WzRa2vaD_p&ckls=true&ci=9amzqQ78cl&nc=false&trid=6f344821-23dc-4cac-95b3-36d7e0b4cd03
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: tjKgTaRYbjU16jRZJTUgS5wIYJYX_CV9A0nCNszbHt3pjCFZL3B9sQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 156C 85 B
464 B 58ms
46ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://rtx.dudasoleh.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725946
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: QcfMnRvxc-aLb9-uZaP8WaBrqJB8hqSpIP80r8fGI01SvU6IkjSXoQ==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 2414 0
144 B 167ms
155ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=42753&pu=https://king.laskar2d.xyz/
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:49 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: EC5F6280EF3E46F1B3AC3CBB68820EE7 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:52:50Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu2/b+vDKEoGkhL1N7Q==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame B412 0
440 B 90ms
68ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
x-t: 0.93
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVjpABPYxU6w9FPbpJ%2B3MIX9JURoov742mO7TyXyNXbgNOKDAXEQqj6N67WsDbT7Xc5Aa0nTGXU8eWaxjaSXRfw4TYlqO8QgzC1g6WRpClVcfu%2Fh8kwkIk8e%2F5UDSg3oVsmjFCmLwCdKdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 84ace10a3bf5c32b-EWR
expires: Wed, 24 Jan 2024 23:32:35 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame B412 33 KB
11 KB 64ms
43ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70525
x-amz-cf-id: 5jiiX_QFQhgG7IgCGK7PV9fdcLwHTyIhnWkgXINuYSz5YVDbVeZ0kQ==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame B412 2 KB
3 KB 56ms
40ms Script
application/javascript 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

e049b42df046beda51f4dd4bd24484e0f94e12e60e2a419e48cf33dcc442c1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame B412 51 B
426 B 227ms
217ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=19y6lc0ayp&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=6xwk&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a3a6f420b336bc3d7aacab58830ffeceb3889f0301c88157a97f2dd58c1e040

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
x-t: 0.139
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4X%2BMhnTtW5gAZCmRRphzQ30XcoYwwCIgp30somF%2FSyr6KjGZPOnoPycxpXNZQnE97qgQRG0zaSQy1KTMHziA4xJ2hVtOyJA8OQtog0ho7%2BIYsCKxKwwwZ27LQZhciAQGKjsYL5Rk2HsNQw%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace10a4cc58c15-EWR
expires: Thu, 25 Jan 2024 01:52:49 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame B322 22 KB
12 KB 79ms
70ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 28780
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace10a4fa541cd-EWR
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame B322 6 KB
3 KB 224ms
215ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-70231191&@b3:1706147570&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dce7c8bed2dc3ef4a57bac3d4a291de1698a676d288de554bf7d6bd88689e9dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
x-t: 0.244
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbPCbM2oKD4PA0nyrohXSEJN9N2pCTt5ZVpUzv5A4Q5UXU9sMuCjIcD7XvOJWAiEmszygh1bPtUG1KDHEy2y43Ql9E%2FDxYZ2c5P3xrPBy6NN5Rd1v5rGT%2BjeXR8UcogFRGi6%2B7426sXRdlY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace10a4cc98c15-EWR
expires: Thu, 25 Jan 2024 01:52:49 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 46AE 11 KB
5 KB 77ms
69ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68107
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace10a4fa841cd-EWR
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame 5D44 10 KB
3 KB 313ms
309ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:50 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 46AE 75 KB
76 KB 214ms
213ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
age: 5
cdn-cachedat: 10/31/2023 19:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: abb9454d3c41a2f5bde30211edf852c6
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84ace10a48a243f8-EWR
cdn-requestpullsuccess: True

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 156C 766 B
1 KB 49ms
46ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387460
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: OCeIxm7MZezwBbZ7NdNTuUZpwHkUXecv7ehLdAStP2koyAy6koXDLw==

GET
H3

200

/ Show response
zona-bermain.com/prediksi-china/ Frame 4D9C
Redirect Chain

https://zona-bermain.com/prediksi-china
https://zona-bermain.com/prediksi-china/

97 KB
20 KB

482ms
481ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/prediksi-china/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

af327b368c0805c5f3619ef48de610fb2dce6fbf54fb8e96ada446931ae94c6c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/prediksi-hongkong/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:51 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/93>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=93>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:50 GMT
location: https://zona-bermain.com/prediksi-china/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame FDC3 0
289 B 49ms
38ms Image
text/plain 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHgABGWxvucAAAAJA0UvAw%253D%253D&tt=t.dhj&dhjLcy=1706147569916&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=zona-bermain.com&pn=%2F&qs=na&cc=US&cont=NA&evid=RKeU-0YAjNv0g43kFGnL&urls=&rnd=1706147570324&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=145&bcnLcy=292

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 25 Jan 2024 01:52:50 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame B412 2 KB
2 KB 47ms
37ms Script
application/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.693610979543521&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Thu, 25 Jan 2024 02:52:50 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame B412 42 B
265 B 49ms
38ms Image
image/gif 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fzona-bermain.com%2F&event_source=dtscout&rnd=0.693610979543521&exptid=ZHgABGWxvucAAAAJA0UvAw%3D%3D&fcmp=false

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame B412 50 B
454 B 95ms
58ms Fetch
application/json 52.84.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.18.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-18-2.ord53.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
via: 1.1 5bbf9ff531c5eebbeb82768a75b80422.cloudfront.net (CloudFront), 1.1 b355b23fdbed3c58c37ede4924bc4602.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P2, ORD53-C2
x-amzn-requestid: 63709001-cb1c-4d75-adf5-f6321a9ea3a7
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SErF6GThiYcENPA=
content-length: 50
x-amz-cf-id: YmECYd9ftxzUdxfutiOsoMLnCoIFw3moDefjzCdD6iE4sCoxz4-w2A==

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 46AE 438 B
573 B 217ms
67ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20HONGKONG%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fpola-dasar%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:99905275&@b3:1706147570&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fprediksi-hongkong%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: be5544e19bd8ef5503e46a466cb1f233e358f806119ff1c2a1cb884d1503455c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:50 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 349E 2 KB
1 KB 32ms
29ms Document
text/html 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.693610979543521&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Thu, 25 Jan 2024 01:52:50 GMT
Expires: Thu, 01 Feb 2024 01:52:50 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame F7D7 19 KB
9 KB 72ms
42ms Script
text/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:50 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Thu, 01 Feb 2024 01:52:50 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame B412 5 KB
2 KB 96ms
25ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 288
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: Xfbq402UhuAleghi8_beSJQe8tG_EASuspLgMue8US6X_FXOPDfk2Q==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame B322 0
434 B 112ms
67ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
x-t: 1.44
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJMQuhugXFtSwYCYYcKp6A5Ldr%2B5meFQQomiT5%2Fg65qD2ja4vQBKhDLIzH%2FS2UFziRVwxL4lilp%2FgdDM8enbJHVgk1YvBl235Gj%2FUv6eu7vdeuJ59jWI364lxLybLP8TVEagQpiSttF2bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web3.ny1.dtscdn.com
cf-ray: 84ace10cfe46c32b-EWR
expires: Thu, 25 Jan 2024 01:46:43 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame B322 33 KB
11 KB 100ms
56ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70525
x-amz-cf-id: rAN4SVwM7P22t9URvuf_GKrnNZVmfaG2DQaBUXx0bgmN1Y-FqD-KFg==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame B322 2 KB
3 KB 63ms
44ms Script
application/javascript 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

e049b42df046beda51f4dd4bd24484e0f94e12e60e2a419e48cf33dcc442c1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame B322 0
288 B 288ms
244ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=19y6lc0ayp&_pv=2&_ls=0&_cc=us&_pl=d&_b=chrome%40120&_cbid=2b3r&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
x-t: 0.077
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyHWD7wuwVxrAbl82Wihhc7G8mBzEJcUSJrOVAidKcgL5G3DNnq57g3gdFobMq5LHr%2BpLdDTDTEU5VC%2BroYoxJfieosctdxSVB99owwzclZX0D7Nz2DrfgOiT7aEZ8bdutaizgko3qs%2BbGs%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace10cffb28c15-EWR
expires: Thu, 25 Jan 2024 01:52:49 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 5D44 15 KB
4 KB 301ms
290ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3247
expires: Thu, 01 Feb 2024 01:52:50 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 7F74 0
0 84ms
73ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=38517
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://raja.hoki2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:52:50 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: OB4UxuNj_i0Zsp4mix_hJEjs8bamuMJXISUtEmP6ekJRamy4MiRnag==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame CC5D 0
0 112ms
109ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=87667
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:52:50 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: ycfnbGiQOiVN_pc0CSLtUksF7CmW9QtFzvC4FhB5sUbFDn2lxJkDuw==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 2414
Redirect Chain

https://um.simpli.fi/lj_match?r=45921
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

43ms
30ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:50 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:52:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:52:50 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame A16B 43 B
177 B 61ms
60ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:50 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 46AE 13 KB
4 KB 62ms
61ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 52237
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace10d4ad441cd-EWR
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 46AE 6 KB
3 KB 246ms
245ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-hongkong%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpola-dasar%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20HONGKONG%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fpola-dasar%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:99905275&@b3:1706147570&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fprediksi-hongkong%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d863b8b486454d6224edb1d1c208447b353c6e24cf55abc1f8fc59e7b4726c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
x-t: 0.202
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGqGhyOSBEKjMjibLIcHU4s8PbB3Q9t4zF7SrTaurSVnKEmsQVGnqUC13wNFmbIlf%2B4R7yiDA6eXv3eE26r%2B7Z4r8rPJ3coSevlMo4BxUTXl1JsRWtGXKdS5HTRNQI2tpTrbt4omF5bGGzs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace10d482d8c15-EWR
expires: Thu, 25 Jan 2024 01:52:49 GMT

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 46AE 18 KB
5 KB 298ms
298ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:50 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Thu, 01 Feb 2024 01:52:50 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame F7D7 0
289 B 48ms
47ms Image
text/plain 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHgABGWxvucAAAAJA0UvAw%253D%253D&tt=t.dhj&dhjLcy=1706147570393&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=zona-bermain.com&pn=%2F&qs=na&cc=US&cont=NA&evid=HReU-0YAWYh-MwwiEQDW&urls=&rnd=1706147570761&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=154&bcnLcy=61

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 25 Jan 2024 01:52:50 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame B412 167 B
579 B 49ms
44ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame B322 2 KB
2 KB 49ms
44ms Script
application/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.10657370403791622&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Thu, 25 Jan 2024 02:52:50 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame B322 42 B
265 B 51ms
46ms Image
image/gif 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fzona-bermain.com%2F&event_source=dtscout&rnd=0.10657370403791622&exptid=ZHgABGWxvucAAAAJA0UvAw%3D%3D&fcmp=false

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame B322 5 KB
2 KB 49ms
46ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 288
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: Kd9EVnVy2ohvgWfkd6grSZOF29T-E5o7fBcQh1OCBqmybLKD0Z9DZg==

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 4823 2 KB
1 KB 49ms
48ms Document
text/html 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.10657370403791622&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Thu, 25 Jan 2024 01:52:50 GMT
Expires: Thu, 01 Feb 2024 01:52:50 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame B322 167 B
579 B 59ms
57ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H2

200

sync
thrtle.com/ Frame BBD3
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
https://sync.srv.stackadapt.com/sync?nid=throtle
https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=JOUctIEMUTFD5JmaJfO95s5CYFI&_t=1706147571

43 B
539 B

36ms
35ms

Image
image/gif

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=JOUctIEMUTFD5JmaJfO95s5CYFI&_t=1706147571
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Thu, 25 Jan 2024 01:52:51 GMT
content-length: 43
content-type: image/gif

Redirect headers

Location: https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=JOUctIEMUTFD5JmaJfO95s5CYFI&_t=1706147571
Date: Thu, 25 Jan 2024 01:52:51 GMT
Connection: keep-alive
Content-Length: 120
Content-Type: text/html; charset=utf-8

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ 0
73 B 253ms
80ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sky.pasukanantidepo.shop/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 01:52:51 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame CE98 19 KB
9 KB 53ms
52ms Script
text/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:51 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Thu, 01 Feb 2024 01:52:51 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 5D44 11 KB
5 KB 42ms
41ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68108
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace10f5cd341cd-EWR
content-length: 4547

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 46AE 0
458 B 75ms
61ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fprediksi-hongkong%2F&r=https%3A%2F%2Fzona-bermain.com%2Fpola-dasar%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-hongkong%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpola-dasar%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:51 GMT
x-t: 1.12
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBqQj5L4KdbNbvzcKSih2fyamODQ2SE6W6RoKbKhI1gh90LRKy%2Fv3BYIwfYrSMPhEpRDfAXqVoruOgNKuOya%2BdjTFnMSBgxv67pOVA%2BYOu97QwUE6XIj2eXjWzglWIZccGqUQPQuxUO%2Fog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web4.ny1.dtscdn.com
cf-ray: 84ace110b8f6c32b-EWR
expires: Thu, 25 Jan 2024 01:56:16 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 46AE 33 KB
11 KB 73ms
59ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-hongkong%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpola-dasar%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70526
x-amz-cf-id: TDpmllN4pkcMTaSmibb1U4S-ImedsHJLBjPXzt0ajk1H-lmC8CXfXg==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 46AE 2 KB
3 KB 49ms
39ms Script
application/javascript 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-hongkong%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpola-dasar%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

e049b42df046beda51f4dd4bd24484e0f94e12e60e2a419e48cf33dcc442c1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:51 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 46AE 0
325 B 207ms
201ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=5iljgda8np&_pv=3&_ls=4&_cc=us&_pl=d&_b=chrome%40120&_cbid=1vob&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-hongkong%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpola-dasar%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:51 GMT
x-t: 0.097
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXrHwPFdzkscBoksbfDabOHjM6Nn5k7jA4WOmuubQS9xHYn2rF419uN1M43G8yYRda2wY2a6ZSU4Cc41gnGFi6CHLttRl1Z6vFjaXFnJN6nV1XWipziwkdNuTGnsNqtvw2hlODrNkFhiOTk%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace110bc358c15-EWR
expires: Thu, 25 Jan 2024 01:52:50 GMT

GET
H2

200

sync
thrtle.com/ Frame 760A
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=63109
https://he.lijit.com/merge?pid=8100&event_type=email&lc_md5=d0ebd870e62417c041b1cfaabc5fab5b&lc_sha1=58964d2aebc4d92593ca3b3153c99cd867f2acf2&lc_sha256=4b6231a1814506b6861b2cf443546c4fc23c42546009f...
https://thrtle.com/2002?sha256=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac13c945b7&md5=d0ebd870e62417c041b1cfaabc5fab5b&sha1=58964d2aebc4d92593ca3b3153c99cd867f2acf2
https://thrtle.com/sync?vxii_pid=12&dt=1706147571&vxii_rmax=5
https://i.liadm.com/s/56290?bidder_id=199768&bidder_uuid=6e41526d-de95-49a1-ac30-86e5faeef8ef
https://thrtle.com/sync?vxii_pid=5028&vxii_pdid=9031f432-95f1-4371-8f6c-243625f67bcf&_t=1706147571

43 B
542 B

69ms
69ms

Image
image/gif

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5028&vxii_pdid=9031f432-95f1-4371-8f6c-243625f67bcf&_t=1706147571
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Thu, 25 Jan 2024 01:52:51 GMT
content-length: 43
content-type: image/gif

Redirect headers

Location: https://thrtle.com/sync?vxii_pid=5028&vxii_pdid=9031f432-95f1-4371-8f6c-243625f67bcf&_t=1706147571
Date: Thu, 25 Jan 2024 01:52:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H3

200

458249.gif
idsync.rlcdn.com/ Frame EE5D
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=41202
https://he.lijit.com/merge?pid=8100&event_type=email&lc_md5=d0ebd870e62417c041b1cfaabc5fab5b&lc_sha1=58964d2aebc4d92593ca3b3153c99cd867f2acf2&lc_sha256=4b6231a1814506b6861b2cf443546c4fc23c42546009f...
https://pippio.com/api/sync?pid=710524&_=1&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac...
https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=15998&cparams=placement%3D710524
https://pippio.com/api/sync?pid=5324&it=1&iv=b6c0dcdf1d0533ed072eb0723888b8febe3e6687d89c9f1c9e9821dc53357da8791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiNmMwZGNkZjFkMDUzM2VkMDcyZWIwNzIzODg4YjhmZWJlM2U2Njg3ZDg5YzlmMWM5ZTk4MjFkYzUzMzU3ZGE4NzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiNmMwZGNkZjFkMDUzM2VkMDcyZWIwNzIzODg4YjhmZWJlM2U2Njg3ZDg5YzlmMWM5ZTk4MjFkYzUzMzU3ZGE4NzkxNDI2YjU0MTdkY2UyMRAAGgwI8_3GrQYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=8736a3e1-effa-42c2-8408-7989dd24be41

42 B
60 B

78ms
76ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=8736a3e1-effa-42c2-8408-7989dd24be41
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Thu, 25 Jan 2024 01:52:52 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/458249.gif?partner_uid=8736a3e1-effa-42c2-8408-7989dd24be41
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111

GET
H3

200

458249.gif
idsync.rlcdn.com/ Frame 2414
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=33059
https://he.lijit.com/merge?pid=8100&event_type=email&lc_md5=d0ebd870e62417c041b1cfaabc5fab5b&lc_sha1=58964d2aebc4d92593ca3b3153c99cd867f2acf2&lc_sha256=4b6231a1814506b6861b2cf443546c4fc23c42546009f...
https://pippio.com/api/sync?pid=710524&_=1&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac...
https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=15998&cparams=placement%3D710524
https://pippio.com/api/sync?pid=5324&it=1&iv=b6c0dcdf1d0533ed072eb0723888b8febe3e6687d89c9f1c9e9821dc53357da8791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiNmMwZGNkZjFkMDUzM2VkMDcyZWIwNzIzODg4YjhmZWJlM2U2Njg3ZDg5YzlmMWM5ZTk4MjFkYzUzMzU3ZGE4NzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiNmMwZGNkZjFkMDUzM2VkMDcyZWIwNzIzODg4YjhmZWJlM2U2Njg3ZDg5YzlmMWM5ZTk4MjFkYzUzMzU3ZGE4NzkxNDI2YjU0MTdkY2UyMRAAGgwI8_3GrQYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=d7482f65-1f29-4248-9d7a-29d69fa10a35

42 B
60 B

82ms
80ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=d7482f65-1f29-4248-9d7a-29d69fa10a35
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Thu, 25 Jan 2024 01:52:52 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/458249.gif?partner_uid=d7482f65-1f29-4248-9d7a-29d69fa10a35
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame A8F5 85 B
464 B 44ms
41ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://markas-prediktor.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725947
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: sz_3BiWdb-SO2oN91tXd73jhSJ3J_w2YIzICXpmb6gkD_Gyo2p5zzg==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame E6D7 0
0 112ms
112ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=67846
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:52:51 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: hWr7Lo2xIqWZV8eH2l_max53Q77WTlf2XHozHKEwywqRpIa0GIcwtg==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 46AE 230 B
530 B 73ms
39ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:52:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 46AE 231 B
531 B 73ms
40ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:52:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 4D9C 107 KB
13 KB 404ms
402ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:51 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Thu, 01 Feb 2024 01:52:51 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 4D9C 227 B
271 B 402ms
401ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:51 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Thu, 01 Feb 2024 01:52:51 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 4D9C 2 KB
374 B 403ms
397ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:51 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Thu, 01 Feb 2024 01:52:51 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 4D9C 28 KB
8 KB 403ms
397ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:51 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Thu, 01 Feb 2024 01:52:51 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 4D9C 3 KB
827 B 420ms
398ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:51 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Thu, 01 Feb 2024 01:52:51 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 4D9C 86 KB
29 KB 422ms
400ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:51 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Thu, 01 Feb 2024 01:52:51 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 4D9C 13 KB
5 KB 435ms
414ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:51 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Thu, 01 Feb 2024 01:52:51 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 4D9C 157 KB
26 KB 60ms
40ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:51 GMT
x-content-type-options: nosniff
content-encoding: br
age: 26461284
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 4D9C 30 KB
7 KB 99ms
79ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 4894931
cdn-cachedat: 10/31/2023 18:48:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9e61a4e37a75208649ae6b63a0cb4f72
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84ace1124fb4423a-EWR
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 4D9C 21 KB
8 KB 75ms
55ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:51 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11977777
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 4D9C 62 KB
16 KB 79ms
54ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:51 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7948459
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-etou8220064-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 0.png
zona-bermain.com/script/ Frame 4D9C 25 KB
25 KB 434ms
410ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:51 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Thu, 01 Feb 2024 01:52:51 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 4D9C 25 KB
25 KB 448ms
425ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:51 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Thu, 01 Feb 2024 01:52:51 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 4D9C 25 KB
25 KB 347ms
342ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Thu, 01 Feb 2024 01:52:52 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 4D9C 25 KB
25 KB 343ms
342ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Thu, 01 Feb 2024 01:52:52 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame 4D9C 24 KB
24 KB 473ms
465ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Thu, 01 Feb 2024 01:52:52 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 4D9C 25 KB
25 KB 491ms
482ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Thu, 01 Feb 2024 01:52:52 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 4D9C 24 KB
24 KB 495ms
487ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Thu, 01 Feb 2024 01:52:52 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 4D9C 25 KB
25 KB 502ms
495ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Thu, 01 Feb 2024 01:52:52 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 4D9C 25 KB
25 KB 515ms
509ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Thu, 01 Feb 2024 01:52:52 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 4D9C 43 B
182 B 382ms
187ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:52 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 4D9C 3 KB
1 KB 518ms
513ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Thu, 01 Feb 2024 01:52:52 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 4D9C 8 KB
2 KB 413ms
409ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Thu, 01 Feb 2024 01:52:52 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 4D9C 6 KB
2 KB 414ms
405ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Thu, 01 Feb 2024 01:52:52 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 4D9C 112 KB
34 KB 417ms
408ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Thu, 01 Feb 2024 01:52:52 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 4D9C 4 KB
2 KB 472ms
464ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Thu, 01 Feb 2024 01:52:52 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame B412 43 B
177 B 78ms
47ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:51 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame CE98 0
289 B 48ms
48ms Image
text/plain 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHgABGWxvucAAAAJA0UvAw%253D%253D&tt=t.dhj&dhjLcy=1706147570833&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=zona-bermain.com&pn=%2F&qs=na&cc=US&cont=NA&evid=ideU-0YATAg4ZsYsCBxZ&urls=&rnd=1706147571586&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=523&bcnLcy=52

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:51 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 25 Jan 2024 01:52:51 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame A8F5 766 B
1 KB 51ms
51ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387461
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: xSSFMtOoTbG6Y3FWjcJ1zIzcnzDxnE-fRB06Bwo_maVuuo3fDkowRQ==

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame 5D44 436 B
571 B 335ms
148ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:192277348&@b3:1706147572&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 78e7ba30ff35404718abeb4390531a4f5c771ef6ab4ca7b28df072e62149678f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:51 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame B322 43 B
177 B 55ms
54ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:51 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 46AE 2 KB
2 KB 81ms
79ms Script
application/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5787300581680379&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Thu, 25 Jan 2024 02:52:51 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 46AE 42 B
265 B 112ms
111ms Image
image/gif 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fzona-bermain.com%2Fpola-dasar%2F&event_source=dtscout&rnd=0.5787300581680379&exptid=ZHgABGWxvucAAAAJA0UvAw%3D%3D&fcmp=false

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:51 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 46AE 5 KB
2 KB 127ms
126ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 289
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: PD4lXs2wLUWpGD8IG91bwPb6o1DBCakcESPltRfiWdLts1P8ZafzBQ==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 760A 0
142 B 197ms
184ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=46511&pu=https://rtx.dudasoleh.lol/
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:51 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B0DB354880744AB78C3950A5A47093D5 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:52:52Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu2/4APS1QaURPd1U8w==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame EE5D 0
141 B 213ms
202ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=61424&pu=https://markas-prediktor.info/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:51 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 02DC40D6D58441828021C4FC91411B10 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:52:52Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu2/4HehCkNHj04lSrA==

GET
H3

200

396846.gif
idsync.rlcdn.com/ Frame A16B
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=37701
https://pippio.com/api/sync?pid=710914&_=1&it=4&iv=cbdcc14ccc7e4eab2efafef4f54d3155&it=4&iv=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&it=4&iv=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687...
https://rc.rlcdn.com/456809.gif?n=1&cparams=placement%3D710914
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=8db23ec4-528b-4fbc-9fcc-93b4b4c644a3

42 B
60 B

61ms
60ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=8db23ec4-528b-4fbc-9fcc-93b4b4c644a3
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=8db23ec4-528b-4fbc-9fcc-93b4b4c644a3
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame D5AB 0
72 B 112ms
104ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bolo.treksantuy.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 01:52:52 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 56C5 0
72 B 101ms
99ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://king.laskar2d.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 01:52:52 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame EBA7 2 KB
1 KB 65ms
63ms Document
text/html 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5787300581680379&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Thu, 25 Jan 2024 01:52:52 GMT
Expires: Thu, 01 Feb 2024 01:52:52 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 46AE 167 B
580 B 71ms
68ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:52 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 9155 0
0 161ms
161ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=64255
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:52:52 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: MvNb77TZs7nJ0yE1L48SEEcqYvz6sP5GH5KuTY6NJwdgxAYxKXZEMg==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame CFA5 0
0 119ms
118ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=70246
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:52:52 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: v9u95v3TsTEkwlDfE_RGD5R2dLrEbF2ZA5el7ztf0v8-h3Cxb9j6Ag==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 5D44 22 KB
12 KB 83ms
80ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 28782
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace1168c8041cd-EWR
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 5D44 6 KB
3 KB 283ms
279ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:192277348&@b3:1706147572&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c888207ec2660133ee61a01bea89adf3cb4f48eec63ab6f7676d7420b731f715

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
x-t: 0.229
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KesfnQoBDWj8BN3a5XviFvYaiUncBS9qAcWElvDNy21iJ8f%2FHrQQ1fwKJ9yIj709VMJyd9%2FmcKV%2FaK6T01dCYarugkonZL2fJL87YbF27pcTwn6hMy1l4kyE%2FMx3%2FJ%2BiyRf5Uk6HNyjuwBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace116ab4c8c15-EWR
expires: Thu, 25 Jan 2024 01:52:51 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 4D9C 11 KB
5 KB 84ms
81ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68109
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace1168c8141cd-EWR
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame 6540 10 KB
2 KB 451ms
450ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:52 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 4D9C 75 KB
76 KB 104ms
104ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
age: 7
cdn-cachedat: 10/31/2023 19:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: abb9454d3c41a2f5bde30211edf852c6
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84ace116a93443f8-EWR
cdn-requestpullsuccess: True

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame 7D69 19 KB
9 KB 91ms
90ms Script
text/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:52 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Thu, 01 Feb 2024 01:52:52 GMT

GET
H2

200

sync
thrtle.com/ Frame 2414
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
https://cms.analytics.yahoo.com/cms?partner_id=THROTLE
https://ups.analytics.yahoo.com/ups/58691/cms?partner_id=THROTLE
https://thrtle.com/sync?vxii_pid=5038&vxii_pdid=y-t.TUXnFE2oToE0_JpmPU5ZDei1Gx3YMUissqZQ--~A

43 B
542 B

269ms
248ms

Image
image/gif

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5038&vxii_pdid=y-t.TUXnFE2oToE0_JpmPU5ZDei1Gx3YMUissqZQ--~A
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Thu, 25 Jan 2024 01:52:52 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://thrtle.com/sync?vxii_pid=5038&vxii_pdid=y-t.TUXnFE2oToE0_JpmPU5ZDei1Gx3YMUissqZQ--~A
date: Thu, 25 Jan 2024 01:52:52 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 / Show response
zona-bermain.com/buku-mimpi-2d/ Frame 9075 110 KB
24 KB 790ms
790ms Document
text/html 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/buku-mimpi-2d/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

293b92928161f48cdba927ef69f8e663d68a516c62c79a1ac4763d5685be4864

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/prediksi-china/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:52 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/216>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=216>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 4D9C 438 B
573 B 715ms
412ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20CHINA%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fprediksi-hongkong%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:96368234&@b3:1706147572&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fprediksi-china%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: be5544e19bd8ef5503e46a466cb1f233e358f806119ff1c2a1cb884d1503455c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:52 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 7D69 0
289 B 110ms
109ms Image
text/plain 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHgABGWxvucAAAAJA0UvAw%253D%253D&tt=t.dhj&dhjLcy=1706147572037&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=zona-bermain.com&pn=%2Fpola-dasar%2F&qs=na&cc=US&cont=NA&evid=IreU-0YAB19hHtdO44Ka&urls=&rnd=1706147572429&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=112&bcnLcy=141

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 25 Jan 2024 01:52:52 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 760A
Redirect Chain

https://um.simpli.fi/lj_match?r=75210
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

288ms
287ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:52 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:52:52 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:52:52 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame EE5D
Redirect Chain

https://um.simpli.fi/lj_match?r=35037
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

277ms
276ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:52 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:52:52 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:52:52 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame A16B 0
142 B 380ms
379ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=53288&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 06133FAB13044B65BC4DAE195F019E53 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:52:52Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu3AAUsB4j623i9VCkw==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 5D44 0
443 B 317ms
293ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
x-t: 7.99
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YNj7WD7G%2BPPlLMK1WBM1XdiWesvqNatVZIiiFmTqxegQyNibLuwEpCSvpsEQ9CeFP6HlwHOH359%2B1%2BZ%2FJMcpOd5tnSY505pLBqCayYLrALAwJ9Q%2F3pjwWfNm0BQ4GyqUXdzqYJXz5V3dSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 84ace1193f29c32b-EWR
expires: Wed, 24 Jan 2024 23:32:37 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 5D44 33 KB
11 KB 322ms
303ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70527
x-amz-cf-id: 31VgBsKQ7YrZODTE46owiJOh4PPyrcTiNGZrfrftLX0XOs2tuh8b3g==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 5D44 2 KB
3 KB 275ms
270ms Script
application/javascript 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

e049b42df046beda51f4dd4bd24484e0f94e12e60e2a419e48cf33dcc442c1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:52 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 5D44 0
284 B 409ms
394ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=19y6lc0ayp&_pv=3&_ls=2&_cc=us&_pl=d&_b=chrome%40120&_cbid=23vo&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
x-t: 0.089
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaodXkAjG2mcSlan8eXuM7CTpjngoQMKs7MRTftKBVqED69mAaP8T1BehdwShC%2BIv65J5aqLBiIbw5At6xUxL%2F2wLgfdU0Jkql%2FW37sKl7%2B0FWqJiQKuVAh0k2pxDXE02U8jmhg5FYMaGIc%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace1194eb18c15-EWR
expires: Thu, 25 Jan 2024 01:52:51 GMT

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame B412
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=71530
https://pippio.com/api/sync?pid=710914&_=5&it=4&iv=b6ed657b7558e2ab9f72bb77bb3d8d44&it=4&iv=812703517bb6d912793822680b5e31867ce79140&it=4&iv=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af...
https://rc.rlcdn.com/456809.gif?n=1&cparams=placement%3D710914
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPFX6Xuvua10C1bYHJLkqu4&google_cver=1

42 B
60 B

69ms
68ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPFX6Xuvua10C1bYHJLkqu4&google_cver=1
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPFX6Xuvua10C1bYHJLkqu4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

362588.gif
idsync.rlcdn.com/ Frame B322
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=18496
https://pippio.com/api/sync?pid=710914&_=2&it=4&iv=cbdcc14ccc7e4eab2efafef4f54d3155&it=4&iv=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&it=4&iv=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687...
https://rc.rlcdn.com/456809.gif?n=2&cparams=placement%3D710914
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
https://idsync.rlcdn.com/362588.gif?partner_uid=ad295b94-2022-4a08-8e14-97c9109b6633

42 B
60 B

71ms
70ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362588.gif?partner_uid=ad295b94-2022-4a08-8e14-97c9109b6633
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/362588.gif?partner_uid=ad295b94-2022-4a08-8e14-97c9109b6633
date: Thu, 25 Jan 2024 01:52:53 GMT
server: Kestrel
content-length: 199

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 4D9C 18 KB
5 KB 344ms
344ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:52 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Thu, 01 Feb 2024 01:52:52 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 46AE 43 B
177 B 203ms
202ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:52 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 6540 15 KB
3 KB 285ms
285ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 5D44 2 KB
2 KB 46ms
44ms Script
application/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.4019477170836596&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Thu, 25 Jan 2024 02:52:53 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 5D44 42 B
265 B 56ms
56ms Image
image/gif 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fzona-bermain.com%2F&event_source=dtscout&rnd=0.4019477170836596&exptid=ZHgABGWxvucAAAAJA0UvAw%3D%3D&fcmp=false

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:53 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 9075 107 KB
13 KB 272ms
263ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 9075 227 B
271 B 270ms
262ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 9075 2 KB
374 B 270ms
262ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 9075 28 KB
8 KB 273ms
265ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 9075 3 KB
827 B 286ms
278ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 9075 86 KB
29 KB 285ms
277ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 9075 13 KB
5 KB 288ms
280ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 9075 157 KB
26 KB 42ms
35ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:53 GMT
x-content-type-options: nosniff
content-encoding: br
age: 26461286
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 9075 30 KB
7 KB 98ms
92ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 4894933
cdn-cachedat: 10/31/2023 18:48:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9e61a4e37a75208649ae6b63a0cb4f72
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84ace11c9bfc423a-EWR
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 9075 21 KB
8 KB 94ms
88ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:53 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11977779
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 9075 62 KB
16 KB 94ms
86ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:53 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7948460
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-etou8220064-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 0.png
zona-bermain.com/script/ Frame 9075 25 KB
25 KB 341ms
333ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 9075 25 KB
25 KB 341ms
334ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 9075 25 KB
25 KB 250ms
248ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 9075 25 KB
25 KB 254ms
251ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame 9075 24 KB
24 KB 362ms
352ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 9075 25 KB
25 KB 363ms
353ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 9075 24 KB
24 KB 397ms
388ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 9075 25 KB
25 KB 399ms
390ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 9075 25 KB
25 KB 402ms
394ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 9075 43 B
182 B 252ms
121ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:54 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 9075 3 KB
1 KB 322ms
313ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 9075 8 KB
2 KB 263ms
252ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 9075 6 KB
2 KB 263ms
252ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 9075 112 KB
34 KB 263ms
253ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 9075 4 KB
2 KB 311ms
301ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Thu, 01 Feb 2024 01:52:53 GMT

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame 760A
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=48249
https://pippio.com/api/sync?pid=710914&_=6&it=4&iv=cbdcc14ccc7e4eab2efafef4f54d3155&it=4&iv=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&it=4&iv=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687...
https://rc.rlcdn.com/456809.gif?n=1&cparams=placement%3D710914
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPFX6Xuvua10C1bYHJLkqu4&google_cver=1

42 B
60 B

70ms
70ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPFX6Xuvua10C1bYHJLkqu4&google_cver=1
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPFX6Xuvua10C1bYHJLkqu4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 255E 85 B
463 B 55ms
39ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://raja.hoki2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725949
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: 6iOtutLp80InNQPDkhgaP0m9aMpDog4pF-Buz1O1FkuI7gnGb1VDug==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame EE5D
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=88178
https://pippio.com/api/sync?pid=710914&_=6&it=4&iv=cbdcc14ccc7e4eab2efafef4f54d3155&it=4&iv=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&it=4&iv=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687...
https://rc.rlcdn.com/456809.gif?n=3&cparams=placement%3D710914
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPFX6Xuvua10C1bYHJLkqu4&google_cver=1

42 B
60 B

64ms
64ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPFX6Xuvua10C1bYHJLkqu4&google_cver=1
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPFX6Xuvua10C1bYHJLkqu4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 5209 85 B
465 B 84ms
69ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725949
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: E91XaZEKwG3TMJsDC8hgjxLqix0HYUe6c7k9yjEgNDBhjNYWsyYeog==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A16B
Redirect Chain

https://um.simpli.fi/lj_match?r=24432
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

24ms
23ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:53 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:52:53 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:52:53 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 5D44 5 KB
2 KB 64ms
49ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 291
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: bwcSMCIhSZWyB8R2zk35tNwot6L0CfFUha4vNUbXHEkZbuQDcIfZBg==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame B412 0
142 B 129ms
128ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=91861&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F6CD83FB567042198271D9AE8E7FA382 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:52:53Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu3ANPKkLGGtut1R8MA==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame B322 0
143 B 139ms
138ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=56662&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F1FF6CFE5B1E4CC88A95AF737DA06256 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:52:53Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu3ANas88jBufJDyfKg==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 255E 766 B
1 KB 37ms
37ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387463
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: W-D0n5xUpQAiDrgtA7ddFL1_-xEg8Id6T72VvtZfMezvn_kmzMtNEA==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 5209 766 B
1 KB 67ms
66ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387463
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: z41jWILvEiNDwp-dcTBOyu5wp7F3au4zM5TD6QTX1JhTmN_XS3S7Tw==

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 8CD7 0
0 93ms
93ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=53449
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:52:53 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: troOzyEeSZIBjXeUFN_K6Cm3orjBqAzhXUXGrRkqC5PBaz_kZfMWbA==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 4D9C 230 B
530 B 44ms
37ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:52:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 4D9C 231 B
531 B 43ms
37ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:52:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 4D9C 13 KB
5 KB 52ms
39ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 52240
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace11e9eac41cd-EWR
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 4D9C 6 KB
3 KB 209ms
196ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-china%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-hongkong%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20CHINA%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fprediksi-hongkong%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:96368234&@b3:1706147572&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fprediksi-china%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 549487a3c6e50a75d7fab97adfa37f07e53f96cfcefb922545608ebfb71cc2bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
x-t: 0.24
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdTzQEa2ci%2Bf7OyENvkaxK8xgGC1pLwc8uZPs4FRvJKGhTWGcFx3%2BsjxCj%2B4N6EWUOqLqk%2BkAvks458irDcsOM45QvzX4o7JwlqG%2B3767DtUcKA%2BDQ0mQUgJ%2BkA5KAuktVzEfK%2B4LSOJ58g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace11e9d708c15-EWR
expires: Thu, 25 Jan 2024 01:52:52 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 6540 11 KB
5 KB 74ms
63ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68110
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace11ebef141cd-EWR
content-length: 4547

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 4D40 2 KB
1 KB 38ms
29ms Document
text/html 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.4019477170836596&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Thu, 25 Jan 2024 01:52:53 GMT
Expires: Thu, 01 Feb 2024 01:52:53 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 5D44 167 B
579 B 57ms
41ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:53 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H3

200

52154.gif
idsync.rlcdn.com/ Frame A16B
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=6170
https://pippio.com/api/sync?pid=710914&_=2&it=4&iv=b6ed657b7558e2ab9f72bb77bb3d8d44&it=4&iv=812703517bb6d912793822680b5e31867ce79140&it=4&iv=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af...
https://rc.rlcdn.com/456809.gif?n=4&cparams=placement%3D710914
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6295036647698144493

42 B
60 B

79ms
76ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6295036647698144493
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:54 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:54 GMT
an-x-request-uuid: 6d2ff4d6-7e77-4784-adf8-1896902ad66d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6295036647698144493
x-proxy-origin: 206.66.96.82; 206.66.96.82; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame C06F 85 B
465 B 41ms
36ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725949
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: Gi9nRqPOsKsHWN2TRRE4IyzASshyc4UGOz4SUvsf0yYRlTswULB-WA==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame 6540 436 B
571 B 207ms
95ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-193898241&@b3:1706147574&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 78e7ba30ff35404718abeb4390531a4f5c771ef6ab4ca7b28df072e62149678f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:54 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 9075 11 KB
5 KB 53ms
35ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68111
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace1229c4d41cd-EWR
content-length: 4547

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame 8A9D 19 KB
9 KB 72ms
32ms Script
text/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Thu, 01 Feb 2024 01:52:54 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame B412
Redirect Chain

https://um.simpli.fi/lj_match?r=38780
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

40ms
23ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:54 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:52:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:52:54 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame B322
Redirect Chain

https://um.simpli.fi/lj_match?r=38175
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

39ms
36ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:54 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:52:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:52:54 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame C06F 766 B
1 KB 90ms
37ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387464
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: bhjtQ49sy2Syg1Jey8RkHSODMCDJEBUfIvHa627qL3Emgfy2kzLGeQ==

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 46AE
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=81095
https://pippio.com/api/sync?pid=710914&_=2&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac...
https://rc.rlcdn.com/456809.gif?n=5&cparams=placement%3D710914
https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=5bf06ede0669c99c4624e0e1603300dd3b86d7037f58a2aa756654200a7440e1c0cb235b3774c97e&cb=09607010
https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=5bf06ede0669c99c4624e0e1603300dd3b86d7037f58a2aa756654200a7440e1c0cb235b3774c97e&cb=09607010&dcc=t

43 B
855 B

56ms
55ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=5bf06ede0669c99c4624e0e1603300dd3b86d7037f58a2aa756654200a7440e1c0cb235b3774c97e&cb=09607010&dcc=t

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: A0N1JHEAW2X23PAK0H38
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NFTSP3C8PNSZKGKDRP4Q
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=5bf06ede0669c99c4624e0e1603300dd3b86d7037f58a2aa756654200a7440e1c0cb235b3774c97e&cb=09607010&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 9075 75 KB
76 KB 69ms
38ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
age: 9
cdn-cachedat: 10/31/2023 19:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: abb9454d3c41a2f5bde30211edf852c6
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84ace1230a8543f8-EWR
cdn-requestpullsuccess: True

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 4D9C 0
581 B 204ms
175ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fprediksi-china%2F&r=https%3A%2F%2Fzona-bermain.com%2Fprediksi-hongkong%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-china%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-hongkong%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:54 GMT
x-t: 30.45
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHlv0l%2Fw%2FH%2ByHW6zGnneMuVWHiC73vvuwHxL%2FN06btIlqUWDf44sQSUvLFKonftjksZcKBAR84%2Fxh6B17%2FXn1Ts3TFyhccgGBzpOlcKAXcPIICl%2Bm4zqFsfdq7Gj%2B2Sb875iWoof5gjcNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 84ace123eef1c32b-EWR
expires: Thu, 25 Jan 2024 00:59:01 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 4D9C 33 KB
11 KB 67ms
38ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-china%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-hongkong%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70529
x-amz-cf-id: WAJefa0yDMqjybJ-gv482bIGj5vBo0nMqGGoAoKvtfbEZspe3SZHTQ==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 4D9C 2 KB
3 KB 57ms
42ms Script
application/javascript 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-china%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-hongkong%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

e049b42df046beda51f4dd4bd24484e0f94e12e60e2a419e48cf33dcc442c1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:54 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 4D9C 0
427 B 225ms
199ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=5iljgda8np&_pv=4&_ls=7&_cc=us&_pl=d&_b=chrome%40120&_cbid=5hz3&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-china%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-hongkong%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:54 GMT
x-t: 0.104
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsLq%2Bw%2FZHwhtt2CrcK%2FIanuGn2ew45joLt53UoHyOAk3X%2BVgk24T4k6BkN3gUyNNl87u%2BTbxx%2BYoaTmMCt6xnzCdm7MLABPEf80CONjNkgrh5Uq8BhqUoe3xXA%2FyV7KTSWAJmEOrQZj4FYQ%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace123ec098c15-EWR
expires: Thu, 25 Jan 2024 01:52:53 GMT

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame 37AF 10 KB
2 KB 291ms
288ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:54 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 6540 22 KB
12 KB 54ms
47ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 28784
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace125481341cd-EWR
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 6540 6 KB
3 KB 215ms
210ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-193898241&@b3:1706147574&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be864bbcd1cbdafd15baab52dd105c799e4f1abd7dddbd142b41fa948b42ba50

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:54 GMT
x-t: 0.216
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDkflJoae6H56sJUFuDdQX0WHfcQmZEs5Grh1V7l0DGDTuJZFl8dlQcJAphSM7Tb5ivA2%2Foz6AY5qmtnE%2FeEuQ5PPEURU5LYodcGRFrwxWjfB7EI%2BeL%2BH7S4ifwjrzZkCl20C34y4HrfgeE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace1255e538c15-EWR
expires: Thu, 25 Jan 2024 01:52:53 GMT

GET
H3

200

/ Show response
zona-bermain.com/paito-warna-taiwan/ Frame 5BCD
Redirect Chain

https://zona-bermain.com/paito-warna-taiwan
https://zona-bermain.com/paito-warna-taiwan/

266 KB
34 KB

680ms
678ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/paito-warna-taiwan/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

19d16533a9ef10b4c9fe67b888b38647684b6f1d385fc5275c74e6132aff03bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/buku-mimpi-2d/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:55 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/105>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=105>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:55 GMT
location: https://zona-bermain.com/paito-warna-taiwan/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 9075 18 KB
5 KB 262ms
262ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:54 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Thu, 01 Feb 2024 01:52:54 GMT

GET
H3

200

362248.gif
idsync.rlcdn.com/ Frame B412
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=77358
https://pippio.com/api/sync?pid=710914&_=5&it=4&iv=b6ed657b7558e2ab9f72bb77bb3d8d44&it=4&iv=812703517bb6d912793822680b5e31867ce79140&it=4&iv=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af...
https://rc.rlcdn.com/456809.gif?n=6&cparams=placement%3D710914
https://dpm.demdex.net/ibs:dpid=477&dpuuid=07aacaf693c37dbe55bca1f5acb328cea0304d6b63aaceb34d8084b81df7e6ddb0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BD...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=477&dpuuid=07aacaf693c37dbe55bca1f5acb328cea0304d6b63aaceb34d8084b81df7e6ddb0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3...
https://idsync.rlcdn.com/362248.gif?partner_uid=35827208354728692942570658140409409333

42 B
60 B

177ms
174ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362248.gif?partner_uid=35827208354728692942570658140409409333
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:55 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

dcs: dcs-prod-va6-2-v053-0c56b2299.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Thu, 25 Jan 2024 01:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: SPkAZiNzSu0=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://idsync.rlcdn.com/362248.gif?partner_uid=35827208354728692942570658140409409333
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 603C 85 B
463 B 43ms
40ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725950
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: TtC-ByD7_mNO7ODF7o9dMCWY20Pq9deL340330W57D_4NUfetC-WRA==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame B322
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=2462
https://pippio.com/api/sync?pid=710914&_=5&it=4&iv=b6ed657b7558e2ab9f72bb77bb3d8d44&it=4&iv=812703517bb6d912793822680b5e31867ce79140&it=4&iv=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af...
https://rc.rlcdn.com/456809.gif?n=7&cparams=placement%3D710914
https://usermatch.krxd.net/um/v2?partner=liveramp
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp

0
338 B

245ms
66ms

Image
text/plain

34.202.176.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/
Protocol: H2
Server: 34.202.176.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-176-34.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: beacon-n002-ash-prod.krxd.net
date: Thu, 25 Jan 2024 01:52:55 GMT
cache-control: private, no-cache, no-store
x-request-time: D=41 t=1706147575
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=liveramp
date: Thu, 25 Jan 2024 01:52:55 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a015-ash-prod.krxd.net

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame C1E4 85 B
464 B 61ms
60ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725950
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: INcf4kyZ9x2GQ6egNlCzchX2YlJoNmBApQMaXvVqysnMckW51lx4bw==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 46AE 0
143 B 138ms
135ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=10110&pu=https://zona-bermain.com/pola-dasar/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:54 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6BF177A432F84350A8E36DC64C0C3A02 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:52:54Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu3Ah+2QTao+fCC8HqA==

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 9075 438 B
573 B 250ms
86ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBUKU%20MIMPI%202D%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fprediksi-china%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-59236238&@b3:1706147575&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-2d%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: be5544e19bd8ef5503e46a466cb1f233e358f806119ff1c2a1cb884d1503455c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:55 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame BBD3 0
72 B 45ms
39ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtx.dudasoleh.lol/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 01:52:54 GMT
content-length: 0
vary: Origin

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 603C 766 B
1 KB 62ms
33ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387464
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: pWQcCGaR9YnEDQaBBBHomfmjOxUhI2Q1nIe1DrFHV31G6F_XIY_fMg==

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 5D44 43 B
177 B 65ms
38ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:54 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 8A9D 0
289 B 28ms
25ms Image
text/plain 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHgABGWxvucAAAAJA0UvAw%253D%253D&tt=t.dhj&dhjLcy=1706147573512&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=zona-bermain.com&pn=%2F&qs=na&cc=US&cont=NA&evid=TRfU-0YAj3OMdfTZewTM&urls=&rnd=1706147574873&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=702&bcnLcy=165

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:54 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 25 Jan 2024 01:52:54 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 4D9C 2 KB
2 KB 34ms
32ms Script
application/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.24828070190470886&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Thu, 25 Jan 2024 02:52:54 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 4D9C 42 B
265 B 44ms
42ms Image
image/gif 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fzona-bermain.com%2Fprediksi-hongkong%2F&event_source=dtscout&rnd=0.24828070190470886&exptid=ZHgABGWxvucAAAAJA0UvAw%3D%3D&fcmp=false

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:54 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 4D9C 5 KB
2 KB 43ms
42ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 292
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: TYIHtboVFlaMzI8lFky3KwJSLf7GTj1O6FqI_mtnEGYY54Bix9mOxA==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame C1E4 766 B
1 KB 60ms
57ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387464
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: TZ6wvzFIzIz173FrTRCz5F7Ld3Nkum4FwYcduSODKnWC8DMMWBElaA==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 6540 0
455 B 460ms
424ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:55 GMT
x-t: 4.79
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPCtqlltSEAma0hIGSLhDzS7gXdExsL4o8Tl%2B5QJbCdrLLMy1ux6hlpd1hi2RtKYs1Rf%2FIyPEAu97Px2sqaeITAxClanT7U84KwM%2F6eSaVSOEJM9ZXoQp738XhKdcCATNN6YY7mNbbLbnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 84ace12789eec32b-EWR
expires: Thu, 25 Jan 2024 01:50:37 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 6540 33 KB
11 KB 51ms
15ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70529
x-amz-cf-id: b2FfdVmD6ZylxD2ZVVw46wFtT8UKpgt19CwOpw3HgHlgYP6lpH05fA==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 6540 2 KB
3 KB 45ms
41ms Script
application/javascript 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

e049b42df046beda51f4dd4bd24484e0f94e12e60e2a419e48cf33dcc442c1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:54 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 6540 0
333 B 239ms
200ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=19y6lc0ayp&_pv=4&_ls=5&_cc=us&_pl=d&_b=chrome%40120&_cbid=435l&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:55 GMT
x-t: 0.078
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCsths8Sm5cxraMP2ouEeEtwurmNBCWmf9aurym8NUYXywgy1Dw6rG68DQEja8QyY6FnCerp4g1hf1ACrGkiGwpEgfggW0RC7xR1t5SxDoQceJTVVGvLwvvYvGzSDSWc9HwbzSBJFhyO%2BZE%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace127a9ac8c15-EWR
expires: Thu, 25 Jan 2024 01:52:54 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 9075 230 B
530 B 63ms
59ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:52:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 9075 231 B
531 B 63ms
60ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:52:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 37AF 15 KB
3 KB 326ms
324ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Thu, 01 Feb 2024 01:52:55 GMT

GET
H2

200

sync
nlsn.thrtle.com/ Frame 760A
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01CH0ZM0TGKTWGX4FTB1AQA71H&userid=6e41526d-de95-49a1-ac30-86e5faeef8ef
https://thrtle.com/sync?vxii_pid=5017&vxii_pdid=A196988373E0DF79D80FEEE23DFA7704
https://sync.crwdcntrl.net/map/c=10835/tp=ALCT/tpid=/gdpr=0/gdpr_consent=?https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5003%26vxii_pdid%3D%24%7Bprofile_id%7D%26vxii_ts%3D16%26_t%3D1706147575
https://thrtle.com/sync?vxii_pid=5003&vxii_pdid=cf48f38f57b5afc8f1fef27f7cc9f596&vxii_ts=16&_t=1706147575
https://thrtl.redinuid.imrworldwide.com/thrtl?url=https%3A%2F%2Fnlsn.thrtle.com%2Fsync%3Fvxii_pid%3D5036%26vxii_ts%3D18
https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&puid=7614b770-bb24-11ee-b489-7530d5baf48f

43 B
542 B

153ms
112ms

Image
image/gif

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&puid=7614b770-bb24-11ee-b489-7530d5baf48f
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Thu, 25 Jan 2024 01:52:57 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&puid=7614b770-bb24-11ee-b489-7530d5baf48f
date: Thu, 25 Jan 2024 01:52:56 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame D4D3 2 KB
1 KB 70ms
47ms Document
text/html 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.24828070190470886&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Thu, 25 Jan 2024 01:52:55 GMT
Expires: Thu, 01 Feb 2024 01:52:55 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 4D9C 167 B
580 B 74ms
51ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H2 204 sync
thrtle.com/ Frame EE5D 0
468 B 88ms
63ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:55 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 6540 5 KB
2 KB 89ms
68ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 293
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: B6Ym5KBfrdCdde3j-DB0QfBgaxTEKTZwFs6h0inXm8QsdYiEAltqeQ==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 6540 2 KB
2 KB 54ms
39ms Script
application/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7746049790635741&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Thu, 25 Jan 2024 02:52:55 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 6540 42 B
265 B 80ms
67ms Image
image/gif 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fzona-bermain.com%2F&event_source=dtscout&rnd=0.7746049790635741&exptid=ZHgABGWxvucAAAAJA0UvAw%3D%3D&fcmp=false

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 9075 13 KB
4 KB 50ms
49ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 52242
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace1298e3d41cd-EWR
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 9075 6 KB
3 KB 200ms
199ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-2d%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-china%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBUKU%20MIMPI%202D%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fprediksi-china%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-59236238&@b3:1706147575&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-2d%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20fe6d443870180a271f3f12c5f457886b649cf9f883ae800b39880755b4f57f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:55 GMT
x-t: 0.277
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZhc5s4pHVlXAvaJR7bxgDcDDcemhXNpkhu5oEriu%2FqxpsgzEMXzwwVoporaXYvOUpgD9lP%2FEnKsOK3TGZWgyc1dqEIEd1HmNgVPgIYVT1504c%2BZg6ODQgGvUHrXlfqVwkHl5%2FpDx%2Bdnd0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace1298bbf8c15-EWR
expires: Thu, 25 Jan 2024 01:52:54 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame 1240 19 KB
9 KB 55ms
54ms Script
text/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:55 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Thu, 01 Feb 2024 01:52:55 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 46AE
Redirect Chain

https://um.simpli.fi/lj_match?r=99447
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

69ms
67ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:55 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:52:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:52:55 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame DBFA 2 KB
1 KB 54ms
46ms Document
text/html 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7746049790635741&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Thu, 25 Jan 2024 01:52:55 GMT
Expires: Thu, 01 Feb 2024 01:52:55 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 6540 167 B
579 B 57ms
47ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame A472 0
0 136ms
132ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=51140
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:52:56 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: wcJK70g80KlW2nnJN8qB3Zcu10dF7Cul5LWx-8Zk4W9Bbfi6TF9vUA==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 1240 0
289 B 32ms
31ms Image
text/plain 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHgABGWxvucAAAAJA0UvAw%253D%253D&tt=t.dhj&dhjLcy=1706147575090&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=zona-bermain.com&pn=%2Fprediksi-hongkong%2F&qs=na&cc=US&cont=NA&evid=2ifU-0YAYg0CQSg1Y69p&urls=&rnd=1706147575993&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=212&bcnLcy=69

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 25 Jan 2024 01:52:56 GMT

GET
H2 204 sync
thrtle.com/ Frame A16B 0
468 B 35ms
35ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 37AF 11 KB
5 KB 47ms
46ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68113
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace12e3cd141cd-EWR
content-length: 4547

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame 5DC1 19 KB
9 KB 38ms
37ms Script
text/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:56 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Thu, 01 Feb 2024 01:52:56 GMT

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 5BCD 107 KB
13 KB 360ms
359ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Thu, 01 Feb 2024 01:52:56 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 5BCD 227 B
271 B 361ms
356ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Thu, 01 Feb 2024 01:52:56 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 5BCD 2 KB
374 B 363ms
357ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Thu, 01 Feb 2024 01:52:56 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 5BCD 28 KB
8 KB 365ms
359ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Thu, 01 Feb 2024 01:52:56 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 5BCD 3 KB
827 B 363ms
357ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Thu, 01 Feb 2024 01:52:56 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 5BCD 86 KB
29 KB 446ms
441ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Thu, 01 Feb 2024 01:52:56 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 5BCD 13 KB
5 KB 436ms
432ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Thu, 01 Feb 2024 01:52:56 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 5BCD 157 KB
26 KB 37ms
34ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:56 GMT
x-content-type-options: nosniff
content-encoding: br
age: 26461289
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 5BCD 30 KB
7 KB 61ms
57ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 4894936
cdn-cachedat: 10/31/2023 18:48:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9e61a4e37a75208649ae6b63a0cb4f72
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84ace12e6ef2423a-EWR
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 5BCD 21 KB
8 KB 56ms
53ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:56 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11977782
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 5BCD 62 KB
16 KB 58ms
56ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:56 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7948463
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-etou8220064-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-content/themes/asteroid/assets/js/ Frame 5BCD 95 KB
32 KB 377ms
375ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/assets/js/jquery.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32851
expires: Thu, 01 Feb 2024 01:52:56 GMT

GET
H3 200 table.js Show response
zona-bermain.com/wp-content/themes/asteroid/assets/js/ Frame 5BCD 2 KB
778 B 402ms
400ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/assets/js/table.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

b51bfeff329c0195ee3437eb0cad7a24cecc800620b4e4c847fba2dd44cddc59

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 755
expires: Thu, 01 Feb 2024 01:52:56 GMT

GET
H3 200 warna.js Show response
zona-bermain.com/wp-content/themes/asteroid/assets/js/ Frame 5BCD 13 KB
3 KB 401ms
399ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/assets/js/warna.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

60e20b6d9d14fa44ca8ca91b46f8650c695793e879be3cf1fa6f8e2ba0561045

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3215
expires: Thu, 01 Feb 2024 01:52:56 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame 5BCD 25 KB
25 KB 376ms
374ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Thu, 01 Feb 2024 01:52:56 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 5BCD 25 KB
25 KB 444ms
442ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Thu, 01 Feb 2024 01:52:56 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 5BCD 25 KB
25 KB 332ms
331ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Thu, 01 Feb 2024 01:52:56 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 5BCD 25 KB
25 KB 337ms
336ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Thu, 01 Feb 2024 01:52:56 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame 5BCD 24 KB
24 KB 338ms
333ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Thu, 01 Feb 2024 01:52:57 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 5BCD 25 KB
25 KB 339ms
333ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Thu, 01 Feb 2024 01:52:57 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 5BCD 24 KB
24 KB 344ms
338ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Thu, 01 Feb 2024 01:52:57 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 5BCD 25 KB
25 KB 346ms
341ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Thu, 01 Feb 2024 01:52:57 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 5BCD 25 KB
25 KB 361ms
354ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Thu, 01 Feb 2024 01:52:57 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 5BCD 43 B
182 B 220ms
101ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:57 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 5BCD 3 KB
1 KB 359ms
353ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Thu, 01 Feb 2024 01:52:57 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 5BCD 8 KB
2 KB 301ms
293ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Thu, 01 Feb 2024 01:52:57 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 5BCD 6 KB
2 KB 296ms
292ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Thu, 01 Feb 2024 01:52:57 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 5BCD 112 KB
34 KB 280ms
274ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Thu, 01 Feb 2024 01:52:57 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 5BCD 4 KB
2 KB 278ms
272ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Thu, 01 Feb 2024 01:52:57 GMT

GET
H2

204

sync
nlsn.thrtle.com/ Frame B412
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
https://thrtl.redinuid.imrworldwide.com/thrtl?url=https%3A%2F%2Fnlsn.thrtle.com%2Fsync%3Fvxii_pid%3D5036%26vxii_ts%3D18%26_reach%3D1
https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=7614b770-bb24-11ee-ab35-159b86e69bdf

0
468 B

92ms
51ms

Image
text/plain

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=7614b770-bb24-11ee-ab35-159b86e69bdf
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

Redirect headers

location: https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=7614b770-bb24-11ee-ab35-159b86e69bdf
date: Thu, 25 Jan 2024 01:52:56 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 4D9C 43 B
177 B 48ms
47ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:56 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H3

200

362248.gif
idsync.rlcdn.com/ Frame 46AE
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=82383
https://pippio.com/api/sync?pid=710914&_=6&it=4&iv=b6ed657b7558e2ab9f72bb77bb3d8d44&it=4&iv=812703517bb6d912793822680b5e31867ce79140&it=4&iv=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af...
https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=16342&cparams=placement%3D710914
https://dpm.demdex.net/ibs:dpid=477&dpuuid=07aacaf693c37dbe55bca1f5acb328cea0304d6b63aaceb34d8084b81df7e6ddb0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BD...
https://idsync.rlcdn.com/362248.gif?partner_uid=35827208354728692942570658140409409333

42 B
60 B

70ms
68ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362248.gif?partner_uid=35827208354728692942570658140409409333
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

dcs: dcs-prod-va6-2-v053-00fd5bbb2.edge-va6.demdex.com 1 ms
pragma: no-cache
date: Thu, 25 Jan 2024 01:52:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: DZK57V8YT18=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://idsync.rlcdn.com/362248.gif?partner_uid=35827208354728692942570658140409409333
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 8DCB 85 B
464 B 41ms
38ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725952
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: Su3Xaf5F7MyZAwc5s1taiSGtMNxndM7jzJAWGCHiH8i6h7HnqX58Tg==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2

204

sync
nlsn.thrtle.com/ Frame B322
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
https://thrtl.redinuid.imrworldwide.com/thrtl?url=https%3A%2F%2Fnlsn.thrtle.com%2Fsync%3Fvxii_pid%3D5036%26vxii_ts%3D18%26_reach%3D1
https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=7614b770-bb24-11ee-80d1-a9eb5072f869

0
468 B

156ms
114ms

Image
text/plain

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=7614b770-bb24-11ee-80d1-a9eb5072f869
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/pola-dasar/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

Redirect headers

location: https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=7614b770-bb24-11ee-80d1-a9eb5072f869
date: Thu, 25 Jan 2024 01:52:56 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 9075 0
456 B 58ms
56ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-2d%2F&r=https%3A%2F%2Fzona-bermain.com%2Fprediksi-china%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-2d%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-china%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
x-t: 1.17
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKrgY0z1pJo3gvEuOPrLjqzyXNlyKbXX25fL5nI28cBHJtz%2FdBpWWgjC9oPRlBO9bvHh2OgygFWpH7qnX4M0FlnO56ERJ9XvcDmzAPTdH3sXquZ%2BQUq3z35lKYYX4A%2BPxa9y5tn2058ehQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 84ace131cc7ec32b-EWR
expires: Thu, 25 Jan 2024 01:53:28 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 9075 33 KB
11 KB 42ms
40ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-2d%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-china%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70531
x-amz-cf-id: QZuNVev9rpKFx8ggRMCOP7wggK_OAsiU3K6kAsXiHctkJW9eMHaj1g==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 9075 2 KB
3 KB 40ms
39ms Script
application/javascript 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-2d%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-china%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

e049b42df046beda51f4dd4bd24484e0f94e12e60e2a419e48cf33dcc442c1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:56 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 9075 0
339 B 204ms
203ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=5iljgda8np&_pv=5&_ls=9&_cc=us&_pl=d&_b=chrome%40120&_cbid=42ts&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-2d%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-china%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:56 GMT
x-t: 0.086
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gTPPSbeB%2Fv%2BsHOhHi%2B5rU5gu%2FnRownNv4wObPOpyasbHwa5rAJJ8NFqEvNLPw3Zf2PX%2BPJAr2SEXSK9U%2FR9CjMDZGFxa34DUUdIJeBb8FUBLFwvQn0dqXXF%2FxefcjvIUWyoCH7vjzWVMbY%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace131cef68c15-EWR
expires: Thu, 25 Jan 2024 01:52:55 GMT

GET
H3

200

380008.gif
idsync.rlcdn.com/ Frame 5D44
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=75158
https://pippio.com/api/sync?pid=710914&_=6&it=4&iv=b6ed657b7558e2ab9f72bb77bb3d8d44&it=4&iv=812703517bb6d912793822680b5e31867ce79140&it=4&iv=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af...
https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=16342&cparams=placement%3D710914
https://cms.analytics.yahoo.com/cms?partner_id=LVRMP
https://ups.analytics.yahoo.com/ups/58768/cms?partner_id=LVRMP
https://idsync.rlcdn.com/380008.gif?partner_uid=y-8gsMkplE2pyrAXQgxq3L5E.FOoW7Sqdv10Q-~A

42 B
60 B

78ms
77ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/380008.gif?partner_uid=y-8gsMkplE2pyrAXQgxq3L5E.FOoW7Sqdv10Q-~A
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/380008.gif?partner_uid=y-8gsMkplE2pyrAXQgxq3L5E.FOoW7Sqdv10Q-~A
date: Thu, 25 Jan 2024 01:52:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 6540 43 B
177 B 48ms
40ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:56 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame 37AF 436 B
571 B 204ms
53ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-39550753&@b3:1706147577&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 5f70122d646c9187fcd82ab850d6bdc6e062c01b3da7eaeb664077fc2eb96835

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:56 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 5DC1 0
289 B 28ms
26ms Image
text/plain 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHgABGWxvucAAAAJA0UvAw%253D%253D&tt=t.dhj&dhjLcy=1706147575324&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=zona-bermain.com&pn=%2F&qs=na&cc=US&cont=NA&evid=KxfU-0YAm-WL2kye37Bi&urls=&rnd=1706147576909&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=642&bcnLcy=600

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 25 Jan 2024 01:52:56 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 2414 0
72 B 67ms
64ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://markas-prediktor.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 01:52:57 GMT
content-length: 0
vary: Origin

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 8DCB 766 B
1 KB 89ms
88ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387467
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: ZqN62w9-lTxyjdgE9_MpkeGHLm_Lx9eeHGYisIdK3_yvxxd2x7Korg==

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 8F8E 0
0 119ms
115ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=65731
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:52:57 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: c5CtLafFoPEiekKSOz_ZBNXRpe6KIXyJd6uILpePT8oYsEwoVUBxYw==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 5D44 0
144 B 171ms
149ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=98960&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B862AC0F7A44493F8975E53ED1D46A2F Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:52:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu3BHQn5JgmiNgwSF6g==

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 37AF 22 KB
12 KB 64ms
44ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 28787
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace135b8eb41cd-EWR
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 37AF 6 KB
3 KB 222ms
201ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-39550753&@b3:1706147577&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 247da79a2ac57cffd5708691570e2c86b97f7980fbfbc9b17aae8001dc0deae5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
x-t: 0.259
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEX6qpxLqf0FMcXD7nfI9JD14cMwRPjyO6R%2FZ2jTXI3JlRDcYipLkGNn%2B57Go7IDPDDWYgg%2B6no3sW9vSahFEYuAe5%2FGf1KQ0EARXZfbO5%2FXRxY4u6oZW79d9UbrIinunu1aVWr7sq7%2F7%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace135bc688c15-EWR
expires: Thu, 25 Jan 2024 01:52:56 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 3BF8 0
0 116ms
115ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=85429
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:52:57 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: B_5i9bXtc-FvdaUEZObbIY_587zd1VaAeqNLmZHq7FzmQwjI58IPiw==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 9075 5 KB
2 KB 69ms
61ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 295
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: LTXTbCltj1ZDp82QqctQk0-K3sP1EFPULISlEz_MH2Pz4CVjEfKtQg==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 9075 2 KB
2 KB 57ms
40ms Script
application/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.20684965631979635&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Thu, 25 Jan 2024 02:52:57 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 9075 42 B
265 B 60ms
42ms Image
image/gif 18.221.210.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fzona-bermain.com%2Fprediksi-china%2F&event_source=dtscout&rnd=0.20684965631979635&exptid=ZHgABGWxvucAAAAJA0UvAw%3D%3D&fcmp=false

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.221.210.46 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-210-46.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:57 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 5BCD 11 KB
5 KB 41ms
39ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68114
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace1373ab041cd-EWR
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame DB4F 10 KB
2 KB 270ms
268ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:57 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 5BCD 75 KB
76 KB 53ms
48ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
age: 12
cdn-cachedat: 10/31/2023 19:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: abb9454d3c41a2f5bde30211edf852c6
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84ace1375ba943f8-EWR
cdn-requestpullsuccess: True

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 9075 167 B
580 B 35ms
34ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame C52E 2 KB
1 KB 28ms
25ms Document
text/html 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.20684965631979635&stid=ZHgABGWxvucAAAAJA0UvAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Thu, 25 Jan 2024 01:52:57 GMT
Expires: Thu, 01 Feb 2024 01:52:57 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H3

200

/ Show response
zona-bermain.com/prediksi-taiwan/ Frame FC0B
Redirect Chain

https://zona-bermain.com/prediksi-taiwan
https://zona-bermain.com/prediksi-taiwan/

97 KB
20 KB

523ms
521ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/prediksi-taiwan/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

49a97b4bb0a5f0b05686907796f64b9013b04bfcb4f63fabfa72105e8132fd28

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/paito-warna-taiwan/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:58 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/91>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=91>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:57 GMT
location: https://zona-bermain.com/prediksi-taiwan/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 5BCD 18 KB
5 KB 296ms
276ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:57 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Thu, 01 Feb 2024 01:52:57 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 37AF 0
456 B 46ms
41ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:58 GMT
x-t: 1.03
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l932FuSa8NuosFIs8bPpNJhKdQOyIGBFUwaONeKQp%2FHYwUut3ma8PFXt7F1e5wyCVpZa7IvhImdtDDUwtiPUQuwLXwjZaHXxY4JzdzQuFuDqVWcFkgKYeyqpPPZPDYHD7hNA%2BCMl49wWcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 84ace13aac2fc32b-EWR
expires: Wed, 24 Jan 2024 23:32:43 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 37AF 33 KB
11 KB 62ms
58ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70533
x-amz-cf-id: EWyVONwQQtzpj54DlvU0W0VoR8NBxBJ247FEVEq-zKk3oH2ffrMDMw==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 37AF 0
419 B 212ms
208ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=19y6lc0ayp&_pv=5&_ls=8&_cc=us&_pl=d&_b=chrome%40120&_cbid=5nek&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:58 GMT
x-t: 0.089
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5PiDedfGXyo0LDfQMiDz5%2FP4qQ6AroZO5mtAUL9ArOpI85usTvvcFRdPMcuVS6gECP%2FhChoutPAqgQVHhUPifxU2YKQylqidMfwsNi1kBHM%2FJAzVBlXrUB7gnH0XPMLVnnupUz0Kg6BvBA%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace13aaaee8c15-EWR
expires: Thu, 25 Jan 2024 01:52:57 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame DB4F 15 KB
3 KB 267ms
266ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Thu, 01 Feb 2024 01:52:58 GMT

GET
H3

200

401696.gif
idsync.rlcdn.com/ Frame 4D9C
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=97430
https://pippio.com/api/sync?pid=710914&_=6&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac...
https://rc.rlcdn.com/456809.gif?n=1&cparams=placement%3D710914
https://tags.bluekai.com/site/2035?phint=rluid=7ee4e2ff072c66e05a5e3418cd107ae9bcd547f52d62cd5f6c0db4701aff62572971936f2f944561&redir=https%3A%2F%2Fidsync.rlcdn.com%2F401696.gif%3Fpartner_uid%3D%24...
https://idsync.rlcdn.com/401696.gif?partner_uid=hnRqnCtn99Oelqak

42 B
60 B

81ms
80ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/401696.gif?partner_uid=hnRqnCtn99Oelqak
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:58 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:58 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
location: https://idsync.rlcdn.com/401696.gif?partner_uid=hnRqnCtn99Oelqak
cache-control: max-age=0, no-cache, no-store
content-length: 0
bk-server: 70c0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 5D44
Redirect Chain

https://um.simpli.fi/lj_match?r=88674
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

29ms
28ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:58 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:52:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:52:58 GMT

GET
H3

200

401696.gif
idsync.rlcdn.com/ Frame 6540
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=73244
https://pippio.com/api/sync?pid=710914&_=5&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac...
https://rc.rlcdn.com/456809.gif?n=1&cparams=placement%3D710914
https://tags.bluekai.com/site/2035?phint=rluid=7ee4e2ff072c66e05a5e3418cd107ae9bcd547f52d62cd5f6c0db4701aff62572971936f2f944561&redir=https%3A%2F%2Fidsync.rlcdn.com%2F401696.gif%3Fpartner_uid%3D%24...
https://idsync.rlcdn.com/401696.gif?partner_uid=hnRqnCtn99Oelqak

42 B
60 B

61ms
60ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/401696.gif?partner_uid=hnRqnCtn99Oelqak
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:58 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:58 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
location: https://idsync.rlcdn.com/401696.gif?partner_uid=hnRqnCtn99Oelqak
cache-control: max-age=0, no-cache, no-store
content-length: 0
bk-server: 9fc7
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 5BCD 438 B
573 B 234ms
118ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20TAIWAN%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-2d%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-126438380&@b3:1706147579&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: c46c1b27ca2b58ed0f4d1b10192c4a936bee51bd70e71a8f4e8358325c72a2a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:58 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2

204

sync
thrtle.com/ Frame 46AE
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
https://pixel-sync.sitescout.com/connectors/throtle/usersync?redir=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5026%26vxii_pdid%3D%7BuserId%7D%26vxii_ts%3D20%26_t%3D1706147578%26_reach%3D1
https://pixel-sync.sitescout.com/connectors/throtle/usersync?cookieQ=1&redir=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5026%26vxii_pdid%3D%7BuserId%7D%26vxii_ts%3D20%26_t%3D1706147578%26_reach%3D1
https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=e964c162-cc10-4623-9b2f-b3b2ace9505c-65b1befb-5553&vxii_ts=20&_t=1706147578&_reach=1

0
472 B

55ms
55ms

Image
text/plain

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=e964c162-cc10-4623-9b2f-b3b2ace9505c-65b1befb-5553&vxii_ts=20&_t=1706147578&_reach=1
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:58 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=e964c162-cc10-4623-9b2f-b3b2ace9505c-65b1befb-5553&vxii_ts=20&_t=1706147578&_reach=1
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 4D9C 0
142 B 160ms
159ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=57021&pu=https://zona-bermain.com/prediksi-hongkong/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:58 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4C61377E3D3E4411AC204BF4A9F4F627 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:52:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu3BhSfNoa9CPi9gbKw==

GET
H3

200

397676.gif
idsync.rlcdn.com/ Frame 5D44
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=51022
https://pippio.com/api/sync?pid=710914&_=6&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac...
https://rc.rlcdn.com/456809.gif?n=2&cparams=placement%3D710914
https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=t4U2bDXhcPFO2nXOut0S1hK6NvRjh-po

42 B
60 B

63ms
62ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=t4U2bDXhcPFO2nXOut0S1hK6NvRjh-po
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=t4U2bDXhcPFO2nXOut0S1hK6NvRjh-po
date: Thu, 25 Jan 2024 01:52:59 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1164473
content-length: 0

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame A6D2 85 B
463 B 43ms
42ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725955
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: j-zstcR-uEIveWWdu73R-mszKa7aGBwev-W_LGKWAPm-MRql0e0D-Q==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 6540 0
142 B 126ms
125ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=16613&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:58 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 82CA89E4F5934E4EA80404DA05B0C037 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:52:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu3BhXFtpmZH15rexGA==

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame FC0B 107 KB
13 KB 359ms
348ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame FC0B 227 B
271 B 649ms
638ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame FC0B 2 KB
374 B 660ms
652ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame FC0B 28 KB
8 KB 661ms
653ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame FC0B 3 KB
827 B 661ms
653ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame FC0B 86 KB
29 KB 663ms
657ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame FC0B 13 KB
5 KB 662ms
656ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame FC0B 157 KB
26 KB 39ms
33ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:58 GMT
x-content-type-options: nosniff
content-encoding: br
age: 26461292
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame FC0B 30 KB
7 KB 52ms
46ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 4894938
cdn-cachedat: 10/31/2023 18:48:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9e61a4e37a75208649ae6b63a0cb4f72
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84ace1408d07423a-EWR
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame FC0B 21 KB
8 KB 48ms
42ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:58 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11977784
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame FC0B 62 KB
16 KB 47ms
43ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:52:58 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7948466
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-etou8220064-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 0.png
zona-bermain.com/script/ Frame FC0B 25 KB
25 KB 657ms
653ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame FC0B 25 KB
25 KB 664ms
661ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame FC0B 25 KB
25 KB 283ms
283ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame FC0B 25 KB
25 KB 285ms
284ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame FC0B 24 KB
24 KB 282ms
275ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame FC0B 25 KB
25 KB 283ms
276ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame FC0B 24 KB
24 KB 308ms
301ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame FC0B 25 KB
25 KB 308ms
302ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame FC0B 25 KB
25 KB 308ms
303ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame FC0B 43 B
182 B 264ms
114ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:59 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame FC0B 3 KB
1 KB 267ms
265ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame FC0B 8 KB
2 KB 273ms
265ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame FC0B 6 KB
2 KB 274ms
266ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame FC0B 112 KB
34 KB 276ms
268ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame FC0B 4 KB
2 KB 274ms
267ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame A6DE 19 KB
9 KB 48ms
47ms Script
text/javascript 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:59 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Thu, 01 Feb 2024 01:52:59 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 5BCD 230 B
530 B 114ms
113ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:52:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 5BCD 231 B
531 B 114ms
113ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:52:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame A6D2 766 B
1 KB 94ms
93ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387469
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: qQS6ZTGJOby6-bAdqAojUVZricar-U52yLmMqGcX_UtI0xlTLUoRzA==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame DB4F 11 KB
5 KB 106ms
106ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68116
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace1435a2b41cd-EWR
content-length: 4547

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 37AF 5 KB
2 KB 64ms
64ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 297
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: sYkVC1gAEd5ROw70T62v8ESaai3iBYUuCyaKNqE1l7dZTuQSFLnpHQ==

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 5BCD 13 KB
4 KB 132ms
127ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 52246
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace143aa9441cd-EWR
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 5BCD 6 KB
3 KB 212ms
210ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-2d%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20TAIWAN%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-2d%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-126438380&@b3:1706147579&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cc8ecec4b1427d4e19a4725c3883fd2aca66f77e3ad154cafbb79fb8e688011

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
x-t: 4.166
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66g4kydqNaf%2FH4niRHEGuSj5DGH5EKPjRJr9tq27VZnQ7Z3Mj3Ogw6G1b2CKg2DhcW4ukTKqIpCgGA%2B%2BZeK1ngNRyLf6f6S2OfuQPaxXowEmNYeJFDcy9aBPIAAabEJy%2FmCDHVOBUkN06j8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace143ada78c15-EWR
expires: Thu, 25 Jan 2024 01:52:58 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame A6DE 0
289 B 51ms
50ms Image
text/plain 23.34.59.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHgABGWxvucAAAAJA0UvAw%253D%253D&tt=t.dhj&dhjLcy=1706147577515&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=zona-bermain.com&pn=%2Fprediksi-china%2F&qs=na&cc=US&cont=NA&evid=_YgU-0YA6umOe-F7TbCq&urls=&rnd=1706147579457&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=190&bcnLcy=149

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.34.59.18 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-34-59-18.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 25 Jan 2024 01:52:59 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 4D9C
Redirect Chain

https://um.simpli.fi/lj_match?r=26790
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

40ms
40ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:59 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:52:59 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:52:59 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 6540
Redirect Chain

https://um.simpli.fi/lj_match?r=41707
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

29ms
23ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:52:59 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:52:59 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:52:59 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 760A 0
72 B 37ms
36ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://raja.hoki2d.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 01:52:59 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 37AF 167 B
579 B 35ms
33ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame DB4F 436 B
571 B 245ms
117ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:50708911&@b3:1706147580&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 5f70122d646c9187fcd82ab850d6bdc6e062c01b3da7eaeb664077fc2eb96835

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:52:59 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame EE5D 0
72 B 49ms
22ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zona-bermain.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 01:52:59 GMT
content-length: 0
vary: Origin

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame FC0B 11 KB
4 KB 38ms
37ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68116
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace145bd2d41cd-EWR
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame 66A5 10 KB
2 KB 269ms
269ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:52:59 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame FC0B 75 KB
76 KB 44ms
42ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
age: 14
cdn-cachedat: 10/31/2023 19:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: abb9454d3c41a2f5bde30211edf852c6
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84ace145edc543f8-EWR
cdn-requestpullsuccess: True

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 9075 43 B
177 B 45ms
44ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:52:59 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 5BCD 0
441 B 55ms
48ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F&r=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-2d%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-2d%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
x-t: 0.78
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l99avR2Hd2mXYj7akzlZSrP27CTzuF7dHU5f5lvmiL5r31o4ZF2jX1fg%2BabR0pc9CdxQsmXdKhQ8AC6c7k2UnbFB%2BGnDABGKh5CpJDgQBcnen%2FO5CNJ6ZKPD0wzCw%2FX6HYt1w8P8fz%2BndQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 84ace1466e7ac32b-EWR
expires: Wed, 24 Jan 2024 23:32:45 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 5BCD 33 KB
11 KB 52ms
47ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-2d%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70534
x-amz-cf-id: g82b-6FkHBTlL0ell0jlUbjNtLuhFCpYmtdnHxtpUxOCEy5iluElrg==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 5BCD 0
289 B 70ms
65ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=5iljgda8np&_pv=6&_ls=13&_cc=us&_pl=d&_b=chrome%40120&_cbid=660o&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-2d%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
x-t: 0.155
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPrkL2ilPjTPJh7fa936pVG3GxcYcCHptDpWGLONHdySY02PTPSTTN6rYMMi7PRT6qKHdzJJP19IlIBrmrkhd%2FRowIW1yrwIAm81hDX%2BFo481GTc8ZAVlwdV23NVaXYBACETgarLyW6wIb8%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace14668fe8c15-EWR
expires: Thu, 25 Jan 2024 01:52:58 GMT

GET
H3

200

/ Show response
zona-bermain.com/generator-line-angka/ Frame A670
Redirect Chain

https://zona-bermain.com/generator-line-angka
https://zona-bermain.com/generator-line-angka/

96 KB
20 KB

484ms
483ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/generator-line-angka/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

a0104827c2d929e856874f8986ed9895567e6af2d0d72c4dee147ffd55867311

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/prediksi-taiwan/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:53:00 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/159>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=159>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:53:00 GMT
location: https://zona-bermain.com/generator-line-angka/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame DB4F 22 KB
12 KB 45ms
38ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:52:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 28789
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace146be3e41cd-EWR
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame DB4F 6 KB
3 KB 209ms
202ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:50708911&@b3:1706147580&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4403ad1a4d38cd70835a801b766a39f56f26445af5d1db2b2743a70c2e6b979

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:00 GMT
x-t: 0.199
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UHo%2F48BAsk9Ky8oDdaDopc26544vp7kmnkDMtFFNJV9CsDlzEutO1a1ecxPj7nWtwjnEEoIXuPFr0Yxkx3ohQRQYLVb%2Fx6PhQomlNLjmkhN3Drdm9f%2FJviSU1EfD4TGkJ6wmZGVHpILYHw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace146b95a8c15-EWR
expires: Thu, 25 Jan 2024 01:52:59 GMT

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame FC0B 438 B
573 B 260ms
118ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20TAIWAN%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-170771419&@b3:1706147580&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: c46c1b27ca2b58ed0f4d1b10192c4a936bee51bd70e71a8f4e8358325c72a2a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:00 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H3

200

403896.gif
idsync.rlcdn.com/ Frame 4D9C
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=80556
https://pippio.com/api/sync?pid=710914&_=4&it=4&iv=cbdcc14ccc7e4eab2efafef4f54d3155&it=4&iv=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&it=4&iv=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687...
https://rc.rlcdn.com/456809.gif?n=3&cparams=placement%3D710914
https://sync.srv.stackadapt.com/sync?nid=liveramp
https://idsync.rlcdn.com/403896.gif?partner_uid=0-24e51cb4-810c-5131-43e4-999a25f3bde6$ip$206.66.96.82&gdpr=&gdpr_consent=

42 B
60 B

68ms
61ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/403896.gif?partner_uid=0-24e51cb4-810c-5131-43e4-999a25f3bde6$ip$206.66.96.82&gdpr=&gdpr_consent=
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:00 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://idsync.rlcdn.com/403896.gif?partner_uid=0-24e51cb4-810c-5131-43e4-999a25f3bde6$ip$206.66.96.82&gdpr=&gdpr_consent=
Date: Thu, 25 Jan 2024 01:53:00 GMT
Connection: keep-alive
Content-Length: 153
Content-Type: text/html; charset=utf-8

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame B094 85 B
465 B 49ms
46ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725956
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: 9HmmMu_rWZj-xrB7SqoTkoYwpxs-I-9wDhdTt1gEZYy6ODWf_HjjIg==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3

200

403896.gif
idsync.rlcdn.com/ Frame 6540
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=30635
https://pippio.com/api/sync?pid=710914&_=4&it=4&iv=cbdcc14ccc7e4eab2efafef4f54d3155&it=4&iv=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&it=4&iv=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687...
https://rc.rlcdn.com/456809.gif?n=3&cparams=placement%3D710914
https://sync.srv.stackadapt.com/sync?nid=liveramp
https://idsync.rlcdn.com/403896.gif?partner_uid=0-24e51cb4-810c-5131-43e4-999a25f3bde6$ip$206.66.96.82&gdpr=&gdpr_consent=

42 B
60 B

60ms
58ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/403896.gif?partner_uid=0-24e51cb4-810c-5131-43e4-999a25f3bde6$ip$206.66.96.82&gdpr=&gdpr_consent=
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:00 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://idsync.rlcdn.com/403896.gif?partner_uid=0-24e51cb4-810c-5131-43e4-999a25f3bde6$ip$206.66.96.82&gdpr=&gdpr_consent=
Date: Thu, 25 Jan 2024 01:53:00 GMT
Connection: keep-alive
Content-Length: 153
Content-Type: text/html; charset=utf-8

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 73FC 85 B
465 B 61ms
54ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725956
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: vDwExw4epxm2ZXDffoipB1OTSV-RoDWUFRIVd6shZUEKUGKhscyyAw==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 5BCD 5 KB
2 KB 41ms
40ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 298
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: EsgDysxl_4vuILp8hQyZa1VFI5fEfK3iD7IRg6V8kXrsf1WbmULlyQ==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame B094 766 B
1 KB 39ms
36ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387470
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: oSJWafXrfiRtlu5SJNQHVtV6-skBw0FIwF719Ixrx29hZBFxQbF1qg==

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 66A5 15 KB
3 KB 259ms
259ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:00 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Thu, 01 Feb 2024 01:53:00 GMT

GET
H2

204

sync
thrtle.com/ Frame 5D44
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
https://a.tribalfusion.com/i.match?p=b31&redirect=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5042%26vxii_pdid%3D%24TF_USER_ID_ENC%24%26vxii_ts%3D22%26_t%3D1706147580%26_reach%3D1&u=6e41526d-de95-...
https://s.tribalfusion.com/z/i.match?p=b31&redirect=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5042%26vxii_pdid%3D%24TF_USER_ID_ENC%24%26vxii_ts%3D22%26_t%3D1706147580%26_reach%3D1&u=6e41526d-de9...
https://thrtle.com/sync?vxii_pid=5042&vxii_pdid=18072662068155564785&vxii_ts=22&_t=1706147580&_reach=1

0
473 B

34ms
33ms

Image
text/plain

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5042&vxii_pdid=18072662068155564785&vxii_ts=22&_t=1706147580&_reach=1
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-hongkong/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:00 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:00 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 211
content-type: text/html
location: https://thrtle.com/sync?vxii_pid=5042&vxii_pdid=18072662068155564785&vxii_ts=22&_t=1706147580&_reach=1
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 84ace14a6dec42d0-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 73FC 766 B
1 KB 48ms
24ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387470
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 3sFUFk-ArvfZ1vB4MWdB8u_AYO4z07xAI17nMozvd2JpKaVNw6B3Pg==

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame FC0B 18 KB
5 KB 249ms
249ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:00 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Thu, 01 Feb 2024 01:53:00 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame DB4F 0
574 B 48ms
46ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:00 GMT
x-t: 1.39
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtggbHVqcuMXfMKeYLWSt53o18n3HNWMtw5YLZ0%2BImiA6t8QNgrmo947InVmdcn1CIzQHxSMoQemBhzGP%2FGG3l%2F1uaBg5mAbC4Nr95HA4Vba90EGRGFsDZf%2ByviGHikAcLJT%2F4p7nY9y1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web4.ny1.dtscdn.com
cf-ray: 84ace148d90bc32b-EWR
expires: Thu, 25 Jan 2024 01:56:25 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame DB4F 33 KB
11 KB 70ms
69ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70535
x-amz-cf-id: LF2siN4Y0IN030lq0DxBdQbaa6xZ30Q2AWJudl9WYnNPtqlgc8MBPA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame DB4F 0
289 B 203ms
203ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=19y6lc0ayp&_pv=6&_ls=10&_cc=us&_pl=d&_b=chrome%40120&_cbid=3t4k&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:00 GMT
x-t: 0.091
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkOfA3swnO7n%2Ba%2B1ajy6gbCkG6cOcSd%2Fzb728I%2FAO5s2FMxnjp7II52VvovsmOg0WAXxrQR%2BKyaGGVj7xJoPYTpWjL2Ejn6kYvvCWEh8Nqqv8xxqyvbgIV%2B6MI7ewiPJr8OHET71YG1Ihdk%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace148ec6a8c15-EWR
expires: Thu, 25 Jan 2024 01:52:59 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 5BCD 167 B
580 B 38ms
37ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame FC0B 13 KB
4 KB 76ms
75ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 52247
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace1496aa541cd-EWR
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame FC0B 6 KB
3 KB 231ms
231ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20TAIWAN%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-170771419&@b3:1706147580&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d5e465c2d75722b4036e73801808d891f1f65fac836cb13a5dc34cc15fe60c4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:00 GMT
x-t: 0.208
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCnnzBhM32Tl2SnThF61onrIP%2F%2F%2F3N6n7O3BY1sRqo8VAziiI5EeZ7ZMUoD%2BtciAJzcbwXVFHSoO7ecbwcIfzA9m799nTwhQa4S0nkQrBxjJppmAntewYRhSR2eSY3fguHI8thdTGjZIopQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace1496d4b8c15-EWR
expires: Thu, 25 Jan 2024 01:52:59 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 54E7 0
0 72ms
71ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=65402
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:53:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: ZpXqjifvizAxpM8KgnJIK7d_E_1OZvYZDy-bqu9k-kIee_-R6ier3A==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame DB4F 5 KB
2 KB 53ms
49ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 298
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: uRv4h7Ju47B1dOPZphhHzr4jXlZCTxqT_HCAHiGVasl8ZZJv9k43Tw==

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 37AF 43 B
177 B 42ms
42ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:00 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 66A5 11 KB
5 KB 49ms
48ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68117
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace14a3bf341cd-EWR
content-length: 4547

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame FC0B 230 B
530 B 30ms
26ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:53:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame FC0B 231 B
531 B 28ms
26ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:53:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame DB4F 167 B
579 B 26ms
24ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame 66A5 436 B
571 B 232ms
117ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-23824756&@b3:1706147581&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 5f70122d646c9187fcd82ab850d6bdc6e062c01b3da7eaeb664077fc2eb96835

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:00 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ Frame BBD3 4 KB
1 KB 267ms
162ms XHR
application/json 108.156.91.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.91.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-91-83.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer: https://rtx.dudasoleh.lol/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-encoding: gzip
via: 1.1 087e16218fcf1ccb7472a2c9f6a4cbe2.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P1
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: public, max-age=86400
x-amz-cf-id: n-TPIcyNWv-2Ob63oQtChkJYOcQGd9ssYNHyc7xtr440TSkhobbLIw==

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ Frame D5AB 4 KB
1 KB 224ms
120ms XHR
application/json 108.156.91.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.91.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-91-83.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer: https://bolo.treksantuy.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 24 Jan 2024 10:49:09 GMT
content-encoding: gzip
via: 1.1 087e16218fcf1ccb7472a2c9f6a4cbe2.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P1
age: 54232
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-id: FFAe1jNquCmMg4vCkvsCJLiJxJ3jIIbzFaDpPCASsXCIcaSC6lA1_g==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame FC0B 0
434 B 80ms
78ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&r=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:00 GMT
x-t: 8.21
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mt5Tu0WfiT0O2KKFlPO3evOUknQGdvGLJZdAs3Nh9twSHEOCoyjHNXI8N7h4CglDwPVNUsImee%2Bmji9%2B9FliEJGefykNtj8BSzSHJVXhw31n4Q6vB1riZCGhTWDuxotQc%2B9ofF4fpL%2BqJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 84ace14b8b82c32b-EWR
expires: Thu, 25 Jan 2024 01:50:42 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame FC0B 33 KB
11 KB 73ms
72ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70535
x-amz-cf-id: peiJma2nddQdI_NwKav9uz7BNENageSzXMSr6DP7FpERwWuok2MagA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame FC0B 0
286 B 205ms
201ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=5iljgda8np&_pv=7&_ls=13&_cc=us&_pl=d&_b=chrome%40120&_cbid=5rdo&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:00 GMT
x-t: 0.116
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G25Dus1oHRKgTaRowglSJ9i3eK09LsMekoAKpBxQdf9584uB39Kq6fyiqMijSdkx%2Ft4Ne%2F%2FYeC%2Fo9Zs0IWTjk2I4GaCe3jXI%2FJFqgnVOKIjRLnUIBQonLEwCTPea0e6pvMF6hovPGgzJB3I%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace14b9fb48c15-EWR
expires: Thu, 25 Jan 2024 01:52:59 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame A16B 0
72 B 80ms
79ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zona-bermain.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 01:53:01 GMT
content-length: 0
vary: Origin

GET
H3

200

364708.gif
idsync.rlcdn.com/ Frame 9075
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=52952
https://pippio.com/api/sync?pid=710914&_=4&it=4&iv=b6ed657b7558e2ab9f72bb77bb3d8d44&it=4&iv=812703517bb6d912793822680b5e31867ce79140&it=4&iv=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af...
https://ei.rlcdn.com/448046.gif?n=1&partner_site_id=16342&cparams=placement%3D710914
https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01EC61A11KAM4QCFG5RN38VQJZ
https://idsync.rlcdn.com/364708.gif?lr=true&partner_uid=A196988373E0DF79D80FEEE23DFA7704

42 B
60 B

54ms
53ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/364708.gif?lr=true&partner_uid=A196988373E0DF79D80FEEE23DFA7704
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:01 GMT
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref=/static/w3c/p3p.xml, CP="DSP NON DEVo PSAo PSDo OUR BUS NAV COM STA UNI"
location: https://idsync.rlcdn.com/364708.gif?lr=true&partner_uid=A196988373E0DF79D80FEEE23DFA7704
cache-control: max-age=0, no-cache, no-store
cf-ray: 84ace14fcb72c33d-EWR
content-length: 0

GET
H2

204

sync
thrtle.com/ Frame 4D9C
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
https://pm.w55c.net/ping_match.gif?rurl=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5011%26vxii_pdid%3D_wfivefivec_%26vxii_ts%3D24%26_t%3D1706147581%26_reach%3D1&st=THROTLE
https://pm.w55c.net/ping_match.gif?scc=1&rurl=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5011%26vxii_pdid%3D_wfivefivec_%26vxii_ts%3D24%26_t%3D1706147581%26_reach%3D1&st=THROTLE
https://thrtle.com/sync?vxii_pid=5011&vxii_pdid=TN3E0Vtl1RsOVn5&vxii_ts=24&_t=1706147581&_reach=1&st=THROTLE

0
473 B

34ms
32ms

Image
text/plain

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5011&vxii_pdid=TN3E0Vtl1RsOVn5&vxii_ts=24&_t=1706147581&_reach=1&st=THROTLE
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

Redirect headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:53:01 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-035119cc137c66ad2@us-east-1e@dxedge-app-us-east-1-prod-asg
Location: https://thrtle.com/sync?vxii_pid=5011&vxii_pdid=TN3E0Vtl1RsOVn5&vxii_ts=24&_t=1706147581&_reach=1&st=THROTLE
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 5BCD 43 B
177 B 43ms
42ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:01 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame D5AB 317 B
1 KB 64ms
63ms XHR
application/json 34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: fd10f45a43828208fd2197f4c4147fb92d8b21015def2c1ba4a81a035d87c218

Request headers

Referer: https://bolo.treksantuy.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:01 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://bolo.treksantuy.xyz
cache-control: no-cache
x-server: 10.40.50.204
access-control-allow-credentials: true
content-length: 317
expires: 0

GET
H2

204

sync
thrtle.com/ Frame 6540
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
https://pm.w55c.net/ping_match.gif?rurl=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5011%26vxii_pdid%3D_wfivefivec_%26vxii_ts%3D24%26_t%3D1706147581%26_reach%3D1&st=THROTLE
https://pm.w55c.net/ping_match.gif?scc=1&rurl=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5011%26vxii_pdid%3D_wfivefivec_%26vxii_ts%3D24%26_t%3D1706147581%26_reach%3D1&st=THROTLE
https://thrtle.com/sync?vxii_pid=5011&vxii_pdid=TN3E0Vtl1RsOVn5&vxii_ts=24&_t=1706147581&_reach=1&st=THROTLE

0
472 B

86ms
84ms

Image
text/plain

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5011&vxii_pdid=TN3E0Vtl1RsOVn5&vxii_ts=24&_t=1706147581&_reach=1&st=THROTLE
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-china/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

Redirect headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:53:01 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-052b26b41c78e6ba7@us-east-1b@dxedge-app-us-east-1-prod-asg
Location: https://thrtle.com/sync?vxii_pid=5011&vxii_pdid=TN3E0Vtl1RsOVn5&vxii_ts=24&_t=1706147581&_reach=1&st=THROTLE
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame DCAD 0
0 67ms
61ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=49189
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:53:01 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: zVMtpOEdb6de7U2lxNzCX7pi33qvDhTuV-ZddHXV9R0BkMmrCvxHHg==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame DB4F 43 B
177 B 81ms
81ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:01 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame BBD3 323 B
1 KB 137ms
136ms XHR
application/json 34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 3e154703c1024ab648e2c74bd3a9714683363b6a3974b6b0dd0a825b0dfe9ca5

Request headers

Referer: https://rtx.dudasoleh.lol/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:01 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://rtx.dudasoleh.lol
cache-control: no-cache
x-server: 10.40.61.140
access-control-allow-credentials: true
content-length: 323
expires: 0

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 66A5 22 KB
12 KB 38ms
37ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 28791
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace14edb6141cd-EWR
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 66A5 6 KB
3 KB 196ms
196ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-23824756&@b3:1706147581&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0b2452b9b804aab984fe166b5eb4d377118b891a6e270b66aeb5c8d088b661d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
x-t: 0.209
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSb2nsOT1mnRi1tSCup3cs4bw96zT8RINkKbnxvEdjyWS6qPx6YG1Az1dXSPC0j8k7PLlL%2BUNLeQGr2Wp0DzftQX%2BFQASrwaWywbF%2FjiRR4TyoQ9xFbEDJbe2jhH0poE9YtsPVPz2eTr06U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace14edbcc8c15-EWR
expires: Thu, 25 Jan 2024 01:53:00 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame FC0B 5 KB
2 KB 45ms
45ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 299
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: zPfaOdbq8P3oReKJwHcIZq59jXJJYxzs4FZmBo5BxHaZRcQdJYLDbg==

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame A670 107 KB
13 KB 255ms
254ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame A670 227 B
271 B 261ms
254ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame A670 2 KB
374 B 262ms
255ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame A670 28 KB
8 KB 264ms
257ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame A670 3 KB
827 B 263ms
256ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame A670 86 KB
29 KB 265ms
258ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame A670 13 KB
5 KB 272ms
266ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame A670 157 KB
26 KB 42ms
36ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:53:01 GMT
x-content-type-options: nosniff
content-encoding: br
age: 26461294
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame A670 30 KB
7 KB 50ms
44ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 4894941
cdn-cachedat: 10/31/2023 18:48:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9e61a4e37a75208649ae6b63a0cb4f72
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84ace14fde59423a-EWR
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame A670 21 KB
8 KB 47ms
41ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:53:01 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11977787
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame A670 62 KB
16 KB 49ms
43ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:53:01 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7948469
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-etou8220064-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 404 jquery-1.10.2.min.js
zona-bermain.com/js/ Frame A670 0
0 580ms
574ms Script
text/html 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/js/jquery-1.10.2.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
server: LiteSpeed
x-powered-by: PHP/8.2.14
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame A670 25 KB
25 KB 273ms
269ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame A670 25 KB
25 KB 283ms
280ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame A670 25 KB
25 KB 336ms
331ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame A670 25 KB
25 KB 307ms
302ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame A670 24 KB
24 KB 405ms
398ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame A670 25 KB
25 KB 405ms
399ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame A670 24 KB
24 KB 407ms
403ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame A670 25 KB
25 KB 407ms
404ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame A670 25 KB
25 KB 408ms
404ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame A670 43 B
182 B 237ms
118ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:02 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame A670 3 KB
1 KB 398ms
396ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame A670 8 KB
2 KB 383ms
380ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame A670 6 KB
2 KB 383ms
377ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame A670 112 KB
34 KB 404ms
398ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Thu, 01 Feb 2024 01:53:01 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame A670 4 KB
2 KB 384ms
378ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Thu, 01 Feb 2024 01:53:01 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame B412 0
72 B 39ms
37ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaptenoleng.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 01:53:01 GMT
content-length: 0
vary: Origin

POST
H2 200 a
a.dtssrv.com/ Frame D5AB 0
283 B 255ms
115ms Ping
text/html 2606:4700:e6::ac40:ce0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=51A0170614755864712164A73D22398F&k=lotpano&v=4b6390b5545645901120d5076ad2a9fb927a1e3a088d72553a5bc27d58fa10e5
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEZ9Fotoi%2BgBUZ%2B5%2FzLQgYDBEQaA%2B%2BaQWkXbiLJJNNmsLPdoOs9JWBCK1zPP2WNM6RBYOpt8562cQ7XB48bKVQrAXwWA4MCoHITlCVCQgvxHk6Kw%2FQgbOxAwWYw61JlMNiSZoNWKW5ZpcCU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 84ace151983e0c88-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 4BF7 2 KB
1 KB 39ms
39ms Document
text/html 108.156.91.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.91.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-91-83.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer: https://bolo.treksantuy.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 35415
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Wed, 24 Jan 2024 16:05:55 GMT
etag: W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified: Tue, 05 Sep 2023 17:36:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 9d71affbaf22baf23eab459f3d2ee77a.cloudfront.net (CloudFront)
x-amz-cf-id: uU1XVsPhNU3WLynpP9fptYq21Z9XX9rnApjBQf8_CYfY04C7zY3Y_A==
x-amz-cf-pop: ORD56-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

POST
H2 200 a
a.dtssrv.com/ Frame BBD3 0
441 B 190ms
58ms Ping
text/html 2606:4700:e6::ac40:ce0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=51A0170614755864712164A73D22398F&k=lotpano&v=4b6390b5545645901120d5076ad2a9fb927a1e3a088d72553a5bc27d58fa10e5
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frtx.dudasoleh.lol%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otLYJPFwoGLATPNFQyTfEfFNSrHqr%2FC7Hol4xCbbj1pWWBgBq91gGwLDmDsCNeHxrqniLoaxaMeGuTkpWoLn9TE%2FGm9vTDuSr0udfjhhS7GGMG3ybgRqMSYcylI%2B2oMx3ZG01DTCRTHUHUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 84ace15198410c88-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 447C 2 KB
1 KB 52ms
51ms Document
text/html 108.156.91.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.91.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-91-83.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer: https://rtx.dudasoleh.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 35415
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Wed, 24 Jan 2024 16:05:55 GMT
etag: W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified: Tue, 05 Sep 2023 17:36:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 9d71affbaf22baf23eab459f3d2ee77a.cloudfront.net (CloudFront)
x-amz-cf-id: eHzYAVhsJcEnfQWtDzBbVbHcBUV6n_oqX5FMup4sxUeBN3ByGYUdQg==
x-amz-cf-pop: ORD56-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame FC0B 167 B
580 B 33ms
30ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 9075 0
143 B 134ms
133ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=87794&pu=https://zona-bermain.com/prediksi-china/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A37DA28D0827484DB464F8C18D396187 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:53:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu3CLq1T+DoSSPK5roQ==

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame B98D 0
0 79ms
76ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=79408
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:53:01 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: ishow6RXTond393p4qL0Ibxi2MlChhVrUpGU_nv2Uj2u8r9mhwwPvg==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H3

200

367148.gif
idsync.rlcdn.com/ Frame 37AF
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=44964
https://pippio.com/api/sync?pid=710914&_=4&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac...
https://rc.rlcdn.com/456809.gif?n=4&cparams=placement%3D710914
https://sync-tm.everesttech.net/upi/pid/w8wqx7f2?redir=https%3A%2F%2Fidsync.rlcdn.com%2F367148.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24%7BTM_USER_ID%7D
https://idsync.rlcdn.com/367148.gif?served_by=evergreen&partner_uid=ZbG_8AARAHb41ABH

42 B
60 B

282ms
281ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/367148.gif?served_by=evergreen&partner_uid=ZbG_8AARAHb41ABH
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:02 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

x-served-by: cache-ewr18154-EWR
pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1706147582.000034,VS0,VE0
x-cache: HIT
location: https://idsync.rlcdn.com/367148.gif?served_by=evergreen&partner_uid=ZbG_8AARAHb41ABH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 3A96 0
0 74ms
73ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=1182
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:53:01 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: 8fgG2n4Nl3TjpU_Z9cVM4PcyNhdhMmLKRXYz3QIVwAZhMFqdlGbpJA==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 66A5 0
458 B 73ms
71ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
x-t: 14.59
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uK9QrW2890RNQ5%2FjTX%2BK8KfsN0pZ8MiFaZdTAvnSZAhCQIR13VauwfslFGpgGaAbsdc%2FpZrHfxul8PTYaO%2B9YZi3nrMuseRiB3EvDKWeCKYxyoVFloot1H5c%2BBEgpfTbWgdXpn8eI8Lrnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 84ace1520a7ec32b-EWR
expires: Thu, 25 Jan 2024 01:28:49 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 66A5 33 KB
11 KB 62ms
61ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70536
x-amz-cf-id: jSNE3mYRQI7QaGtLrudd94USXeDQzwlDH3A3mh1OLOFYiQWOF499kw==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 66A5 0
288 B 219ms
219ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=19y6lc0ayp&_pv=7&_ls=12&_cc=us&_pl=d&_b=chrome%40120&_cbid=61xi&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:01 GMT
x-t: 0.095
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5i%2Fv9I%2BtfWDsurgLGcjiQBsuvTUVhZx4pZv8qQB%2BYCnOkoxUjghOWCOUIPYiGmjWsvG481W1uGpO7g1XAUEQt%2F%2BQWpOExP6BcGeJP80mlZpXwoDOquaMXtYhJVyNzVVCJeWU3Uj2bNf1Yc%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace1520fc58c15-EWR
expires: Thu, 25 Jan 2024 01:53:00 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame B322 0
72 B 40ms
40ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaptenoleng.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 01:53:01 GMT
content-length: 0
vary: Origin

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 24E4 4 KB
4 KB 37ms
34ms Document
text/html 34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: b94aaa542870893d7f2358ef9bd17ea004e192822679a250f8d8402aaec5de06

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-length: 3917
content-type: text/html
date: Thu, 25 Jan 2024 01:53:01 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.9.56

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame D34D 3 KB
3 KB 53ms
52ms Document
text/html 34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a40f3c087da9bfbea0de7d5babcb4c249077d5425932bd973e44485b6cafa5c9

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-length: 3303
content-type: text/html
date: Thu, 25 Jan 2024 01:53:01 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.49.220

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 66A5 5 KB
2 KB 50ms
47ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 299
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: _wHRk04iPDGw4MWO_F7_zDCycMQeHOsOp5MhepLYjWwggwO5tx2IzQ==

GET
H2

204

/
partner.mediawallahscript.com/ Frame 24E4
Redirect Chain

https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=cf48f38f57b5afc8f1fef27f7cc9f596&custom=&tag_format=img&tag_action=sync
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=cf48f38f57b5afc8f1fef27f7cc9f596&custom=&tag_format=img&tag_action=sync&final=true&reqid=79377b40-bb24-11ee-a13a-6f03d2ab8...
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=6295036647698144493&tag_format=img&tag_action=sync
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=7959d050-bb24-11ee-9f21-a97edee91416?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=cf48f38f57b5afc8f1fef27f7cc9f596&tag_format=img&tag_action=sync&cb=727109267
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=ad295b94-2022-4a08-8e14-97c9109b6633&tag_format=img&tag_action=sync&cb=
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=7959d050-bb24-11ee-9f21-a97edee91416&cb=1706147582871&rmn=y&redirect=https%3A%2F%2Fpartner.me...
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=e588d447-fe46-4097-b02b-cd210b2d0321&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1706147582871
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=79d12330-bb24-11ee-b489-7530d5baf48f

0
406 B

38ms
38ms

Image
text/plain

44.206.54.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=79d12330-bb24-11ee-b489-7530d5baf48f
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 44.206.54.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-54-3.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Thu, 25 Jan 2024 01:53:03 GMT
cache-control: private, no-cache, must-revalidate, no-store, max-age=0
server: nginx
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=79d12330-bb24-11ee-b489-7530d5baf48f
date: Thu, 25 Jan 2024 01:53:03 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2

200

m
cm.mgid.com/ Frame 24E4
Redirect Chain

https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=cf48f38f57b5afc8f1fef27f7cc9f596
https://cm.mgid.com/m?c=cf48f38f57b5afc8f1fef27f7cc9f596&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

43 B
158 B

199ms
197ms

Image
image/gif

2606:4700:1::6813:824c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?c=cf48f38f57b5afc8f1fef27f7cc9f596&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D

Protocol

Server

2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 84ace155fc6a8c65-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
location: https://cm.mgid.com/m?c=cf48f38f57b5afc8f1fef27f7cc9f596&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 84ace1546a308c65-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 24E4 43 B
855 B 94ms
88ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=cf48f38f57b5afc8f1fef27f7cc9f596

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:53:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B2BHFE7TZZ8TCA0G8MYP
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 24E4
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0
https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1

0
316 B

24ms
23ms

Image
text/plain

216.22.16.73
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Server: 216.22.16.73 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:01 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6454740188857927412/gdpr=/ Frame 24E4
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1040
https://c1.adform.net/serving/cookie/match?CC=1&party=1040
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6454740188857927412/gdpr=/gdpr_consent=

49 B
264 B

31ms
30ms

Image
image/gif

52.201.104.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6454740188857927412/gdpr=/gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.201.104.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-104-25.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.6.242
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6454740188857927412/gdpr=/gdpr_consent=
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

41715
i6.liadm.com/s/ Frame 24E4
Redirect Chain

https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=cf48f38f57b5afc8f1fef27f7cc9f596
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=cf48f38f57b5afc8f1fef27f7cc9f596

43 B
548 B

558ms
112ms

Image
image/gif

2600:1f18:ed:550a:6220:97e8:2a1e:4cc1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=cf48f38f57b5afc8f1fef27f7cc9f596

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:ed:550a:6220:97e8:2a1e:4cc1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:02 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=cf48f38f57b5afc8f1fef27f7cc9f596
Date: Thu, 25 Jan 2024 01:53:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 0

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=ad295b94-2022-4a08-8e14-97c9109b6633/gdpr=0/ Frame 24E4
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=ad295b94-2022-4a08-8e14-97c9109b6633/gdpr=0/gdpr_consent=

49 B
264 B

106ms
103ms

Image
image/gif

52.201.104.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=ad295b94-2022-4a08-8e14-97c9109b6633/gdpr=0/gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.201.104.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-104-25.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.3.200
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=ad295b94-2022-4a08-8e14-97c9109b6633/gdpr=0/gdpr_consent=
date: Thu, 25 Jan 2024 01:53:02 GMT
server: Kestrel
content-length: 249

GET
H2

200

tpid=b5cbacce-642a-4359-9f77-3f20d5a1fa2a
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 24E4
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b5cbacce-642a-4359-9f77-3f20d5a1fa2a%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ad295b94-2022-4a08-8e14-97c9109b6633&ttd_puid=b5cbacce-642a-4359-9f77-3f20d5a1fa2a%2Chttps%253A%252F%252Fsync.crwdcntrl.n...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=b5cbacce-642a-4359-9f77-3f20d5a1fa2a

49 B
264 B

36ms
36ms

Image
image/gif

52.201.104.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=b5cbacce-642a-4359-9f77-3f20d5a1fa2a
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.201.104.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-104-25.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.51.47
content-length: 49
expires: 0

Redirect headers

date: Thu, 25 Jan 2024 01:53:02 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=b5cbacce-642a-4359-9f77-3f20d5a1fa2a
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

tpid=66e91b8070adee7da00d6c47436dcdba
sync.crwdcntrl.net/map/c=10832/tp=TRUP/ Frame 24E4
Redirect Chain

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=66e91b8070adee7da00d6c47436dcdba

49 B
265 B

75ms
74ms

Image
image/gif

52.201.104.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=66e91b8070adee7da00d6c47436dcdba
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.201.104.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-104-25.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.59.156
content-length: 49
expires: 0

Redirect headers

date: Thu, 25 Jan 2024 01:53:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 142
x-xss-protection: 1; mode=block
pragma: no-cache
to-dmp-sync: s3b-dmp-use1-aws.truoptik.com
server: cloudflare
user-agent: Tru Optik DMP 1.3.1
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=66e91b8070adee7da00d6c47436dcdba
access-control-allow-origin: *
cache-control: no-store
cf-ray: 84ace1559ca272b9-EWR
expires: 0

GET
H/1.1 200
OK identity
c.cintnetworks.com/ Frame 24E4 0
543 B 603ms
66ms Image
text/plain 40.71.11.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:cf48f38f57b5afc8f1fef27f7cc9f596
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 40.71.11.141 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:02 GMT
Cache-Control: max-age=60, private, must-revalidate
Access-Control-Allow-Credentials: true
Arr-Disable-Session-Affinity: true
Content-Length: 0
Vary: Origin
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."

GET
H/1.1 200
OK lotame
sync.sharethis.com/ Frame 24E4 42 B
297 B 85ms
84ms Image
image/gif 52.95.251.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/lotame?uid=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.251.104 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-95-251-104.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:02 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHgABGWxvucAAAAJA0UvAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET image.sbxx
global.ib-ibi.com/ Frame 24E4 0
0

GET
H3 200 utsync.ashx
ml314.com/ Frame 24E4 43 B
60 B 164ms
161ms Image
image/gif 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: image/gif
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0,Fri, 26 Jan 2024 01:53:02 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 24E4
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-24e51cb4-810c-5131-43e4-999a25f3bde6$ip$206.66.96.82&gdpr=0&gdpr_consent=

49 B
265 B

177ms
177ms

Image
image/gif

52.201.104.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-24e51cb4-810c-5131-43e4-999a25f3bde6$ip$206.66.96.82&gdpr=0&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.201.104.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-104-25.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.12.226
content-length: 49
expires: 0

Redirect headers

Location: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-24e51cb4-810c-5131-43e4-999a25f3bde6$ip$206.66.96.82&gdpr=0&gdpr_consent=
Date: Thu, 25 Jan 2024 01:53:02 GMT
Connection: keep-alive
Content-Length: 166
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 24E4 70 B
440 B 53ms
52ms Image
image/gif 34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=51mdg9u&uid=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 25 Jan 2024 01:53:02 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 24E4
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-m7KclLBE2pw3aQq9juom2IBvhWddTukHMk4-~A&gdpr=0

49 B
264 B

222ms
219ms

Image
image/gif

52.201.104.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-m7KclLBE2pw3aQq9juom2IBvhWddTukHMk4-~A&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.201.104.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-104-25.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.57.69
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-m7KclLBE2pw3aQq9juom2IBvhWddTukHMk4-~A&gdpr=0
date: Thu, 25 Jan 2024 01:53:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=e964c162-cc10-4623-9b2f-b3b2ace9505c-65b1befb-5553/ Frame 24E4
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=e964c162-cc10-4623-9b2f-b3b2ace9505c-65b1befb-5553/gdpr=0

49 B
264 B

255ms
253ms

Image
image/gif

52.201.104.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=e964c162-cc10-4623-9b2f-b3b2ace9505c-65b1befb-5553/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.201.104.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-104-25.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.2.165
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:01 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=e964c162-cc10-4623-9b2f-b3b2ace9505c-65b1befb-5553/gdpr=0
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 24E4 170 B
188 B 139ms
136ms Image
image/png 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=Y2Y0OGYzOGY1N2I1YWZjOGYxZmVmMjdmN2NjOWY1OTY&gdpr=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5907
tags.bluekai.com/site/ Frame 24E4 62 B
306 B 166ms
161ms Image
image/gif 104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=865e1c16b495eb33db291e2f735a7862
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 25 Jan 2024 01:53:02 GMT
content-length: 62
content-type: image/gif

GET
H2 200 g.json Show response
aa.agkn.com/adscores/ Frame 24E4 103 B
721 B 525ms
202ms Script
application/json 13.225.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-117.ewr50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
via: 1.1 8fd19835f7197012a8cc880526cfcce2.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 103
x-amz-cf-id: oHeU_EvHhUPvzogHuAvYS0vHgnu1E_27EjomBiPj4vWVAqKYH9tdZQ==
expires: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 24E4 170 B
188 B 99ms
97ms Image
image/png 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=Y2Y0OGYzOGY1N2I1YWZjOGYxZmVmMjdmN2NjOWY1OTY&gdpr=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2466746828872905745/ Frame 24E4
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/cf48f38f57b5afc8f1fef27f7cc9f596/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2466746828872905745/gdpr=0

49 B
265 B

74ms
74ms

Image
image/gif

52.201.104.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2466746828872905745/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.201.104.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-104-25.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.59.129
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2466746828872905745/gdpr=0
pragma: no-cache
date: Thu, 25 Jan 2024 01:53:01 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

rand=272346446
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6295036647698144493/gdpr=0/ Frame 24E4
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=272346446
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6295036647698144493/gdpr=0/rand=272346446

49 B
264 B

72ms
72ms

Image
image/gif

52.201.104.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6295036647698144493/gdpr=0/rand=272346446
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C145%2C122%2C116%2C106%2C104%2C92%2C81%2C78%2C61%2C54%2C49%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.201.104.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-104-25.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.9.167
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
an-x-request-uuid: cb8aba84-477b-457a-8b01-63baf9186a7e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6295036647698144493/gdpr=0/rand=272346446
x-proxy-origin: 206.66.96.82; 206.66.96.82; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

c.gif
tag.crsspxl.com/ Frame D34D
Redirect Chain

https://tag.crsspxl.com/c.gif?t=57603&gdpr=0
https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0

43 B
142 B

30ms
30ms

Image
image/gif

34.232.140.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Server: 34.232.140.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-140-51.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:01 GMT
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0
Date: Thu, 25 Jan 2024 01:53:01 GMT
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame D34D
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16622%26tp%3DALDX%26tpid%3D%24{ADELPHIC...
https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=7bca4447-e173-4f17-bfe3-cf8b1ed4ded5&gdpr=0

49 B
265 B

52ms
49ms

Image
image/gif

52.201.104.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=7bca4447-e173-4f17-bfe3-cf8b1ed4ded5&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.201.104.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-104-25.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.56.169
content-length: 49
expires: 0

Redirect headers

Location: https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=7bca4447-e173-4f17-bfe3-cf8b1ed4ded5&gdpr=0
Date: Thu, 25 Jan 2024 01:53:02 GMT
Connection: keep-alive
X-CI-RTID: 3dbf405e-f9c9-4310-a2c2-17de33bcecf0
Content-Length: 131
Content-Type: text/html; charset=utf-8

GET
H2 200 /
wt.rqtrk.eu/ Frame D34D 43 B
350 B 590ms
214ms Image
image/gif 51.222.241.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wt.rqtrk.eu/?pid=e34a6063-e846-4ccb-98d8-0eba4dd66b75&src=www&type=100&sid=0&cb=554383409&gdpr=0&gdpr_consent=&gdpr_pd=0&uid=cf48f38f57b5afc8f1fef27f7cc9f596
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.241.100 , Canada, ASN16276 (OVH, FR),
Reverse DNS: haproxy-ca-011.roqad.pl
Software: istio-envoy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type: image/gif
cache-control: no-cache,private
x-envoy-upstream-service-time: 2
content-length: 43
expires: Thu, 25 Jan 2024 01:53:01 GMT

GET
H2

200

engine
pbid.pro-market.net/ Frame D34D
Redirect Chain

https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=cf48f38f57b5afc8f1fef27f7cc9f596
https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=cf48f38f57b5afc8f1fef27f7cc9f596&sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=ODYxMjEzMjAxMDE1NDkzNjE0Mg==
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEIlcK9XCCu_foCWWitT1fIg&google_cver=1

43 B
398 B

76ms
58ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEIlcK9XCCu_foCWWitT1fIg&google_cver=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:01 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp2
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEIlcK9XCCu_foCWWitT1fIg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame D34D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=10237D68-79EE-4DDB-9844-23D48C3515B3&gdpr=0

49 B
263 B

81ms
80ms

Image
image/gif

52.201.104.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=10237D68-79EE-4DDB-9844-23D48C3515B3&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.201.104.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-104-25.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.9.24
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=10237D68-79EE-4DDB-9844-23D48C3515B3&gdpr=0
date: Thu, 25 Jan 2024 01:53:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D34D
Redirect Chain

https://id5-sync.com/s/19/9.gif?puid=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0
https://id5-sync.com/c/19/19/9/1.gif?puid=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0&gdpr_consent=&us_privacy=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=ad295b94-2022-4a08-8e14-97c9109b6633&ttl=%%TTL%%
https://ib.adnxs.com/getuid?https://id5-sync.com/c/19/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/19/2/7/3.gif?puid=6295036647698144493&gdpr=0&gdpr_consent=
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-8ecexFEgJB5Iu8tSaj_j00JSPK56HlrMievguaVvAA/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F6%2F4.gif%3Fpuid%3D%24%21%7BTURN_...
https://id5-sync.com/c/19/224/6/4.gif?puid=2466746828872905745&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F136%2F5%2F5.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/19/136/5/5.gif?puid=ZbG_8AARAHb41ABH&gdpr=0&gdpr_consent=
https://sync.sharethis.com/id5?uid=ID5-8ecexFEgJB5Iu8tSaj_j00JSPK56HlrMievguaVvAA&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fid5-sync.com%2Fa%2F19%2F121%2F4%2F6%2Fgif%2F0%2F0%2F0%2F0%2F
https://id5-sync.com/a/19/121/4/6/gif/0/0/0/0/ZHgABGWxvucAAAAJA0UvAw==
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=0/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F3%2F7.gif%3Fpui...
https://tags.bluekai.com/site/5907?limit=0&id=865e1c16b495eb33db291e2f735a7862&redir=https://id5-sync.com/c/19/321/3/7.gif?puid=$_BK_UUID&gdpr=0&gdpr_consent=&gdpr_consent=&gdpr=0
https://id5-sync.com/c/19/321/3/7.gif?puid=41%2Fqn3Ud99ef3qak
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP/gdpr=0/gdpr_consent=?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&id5id=ID5-8ecexFEgJB5Iu8tSaj_j00JSPK56HlrMi...
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=Y2Y0OGYzOGY1N2I1YWZjOGYxZmVmMjdmN2NjOWY1OTY&id5id=ID5-8ecexFEgJB5Iu8tSaj_j00JSPK56HlrMievguaVvAA

170 B
188 B

44ms
44ms

Image
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=Y2Y0OGYzOGY1N2I1YWZjOGYxZmVmMjdmN2NjOWY1OTY&id5id=ID5-8ecexFEgJB5Iu8tSaj_j00JSPK56HlrMievguaVvAA

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:04 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=Y2Y0OGYzOGY1N2I1YWZjOGYxZmVmMjdmN2NjOWY1OTY&id5id=ID5-8ecexFEgJB5Iu8tSaj_j00JSPK56HlrMievguaVvAA
cache-control: no-cache
x-server: 10.40.2.248
content-length: 0
expires: 0

GET
H2 200 insync
thrtle.com/ Frame D34D 43 B
298 B 61ms
53ms Image
image/gif 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?vxii_pid=10014&gdpr=0&vxii_pdid=cf48f38f57b5afc8f1fef27f7cc9f596
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Thu, 25 Jan 2024 01:53:02 GMT
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK ltm
audex.userreport.com/sync/put/ Frame D34D 43 B
433 B 594ms
226ms Image
image/gif 18.160.249.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audex.userreport.com/sync/put/ltm?ltmid=cf48f38f57b5afc8f1fef27f7cc9f596
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.249.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-249-36.ord58.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:02 GMT
Via: 1.1 9194c442b098b961aed83447bc467cb6.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: ORD58-P5
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: HxTwSB-F1k6dItwy1qzpJG0KKQaGUmHaY9k_08ZrPSgemOx-BffsgQ==

GET
H2 200 cm
trc.taboola.com/sg/lotame/1/ Frame D34D 43 B
407 B 510ms
279ms Image
image/gif 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lotame/1/cm
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms: 18
date: Thu, 25 Jan 2024 01:53:02 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 17494
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-ewr18130-EWR
pragma: no-cache
server: nginx
x-timer: S1706147582.289286,VS0,VE18
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame D34D
Redirect Chain

https://pixel.shareaholic.com/sync?r=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D9193%26tp%3DSHLC%26tpid%3D%24u_id%26gdpr%3D0
https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=1876e5ae-0905-46ed-82eb-d67066955afa&gdpr=0

49 B
264 B

38ms
38ms

Image
image/gif

52.201.104.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=1876e5ae-0905-46ed-82eb-d67066955afa&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.201.104.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-104-25.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.2.167
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=1876e5ae-0905-46ed-82eb-d67066955afa&gdpr=0
pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'

GET 7
sync.search.spotxchange.com/audience_sync/ Frame D34D 0
0

GET
H2 204 /
loadus.exelator.com/load/ Frame D34D 0
620 B 301ms
174ms Image
text/plain 34.229.3.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=260&buid=cf48f38f57b5afc8f1fef27f7cc9f596&j=0&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-229-3-43.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 200 ibs:dpid=121998&dpuuid=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
dpm.demdex.net/ Frame D34D 42 B
717 B 81ms
75ms Image
image/gif 3.237.59.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.237.59.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-237-59-54.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v053-06c215987.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: uSS+ymtRR1Y=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

19505
tags.bluekai.com/site/ Frame D34D
Redirect Chain

https://pixel.onaudience.com/?mapped=cf48f38f57b5afc8f1fef27f7cc9f596&partner=104&gdpr=0
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9a20bd7ec2f0dedd/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
https://pixel.onaudience.com/?partner=252&mapped=y-DskA2YJE2pSN_yVYoy2xFGzkWPsinn6JaA--~A&gdpr=0
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
https://stags.bluekai.com/site/52799?id=fd031a111ba307de
https://cms.analytics.yahoo.com/cms?partner_id=BLKAI
https://ups.analytics.yahoo.com/ups/58739/cms?partner_id=BLKAI
https://tags.bluekai.com/site/19505?id=y-m_z2SHRE2pIiVDxR0TWgzUXjAnu.BA8qPC8-~A

62 B
306 B

148ms
148ms

Image
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/19505?id=y-m_z2SHRE2pIiVDxR0TWgzUXjAnu.BA8qPC8-~A
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 25 Jan 2024 01:53:03 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/19505?id=y-m_z2SHRE2pIiVDxR0TWgzUXjAnu.BA8qPC8-~A
date: Thu, 25 Jan 2024 01:53:03 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame D34D 0
337 B 52ms
47ms Image
text/plain 34.202.176.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=cf48f38f57b5afc8f1fef27f7cc9f596
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.176.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-176-34.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: beacon-n029-ash-prod.krxd.net
date: Thu, 25 Jan 2024 01:53:02 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1706147582
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame D34D
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=120&cm=cf48f38f57b5afc8f1fef27f7cc9f596
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=ZbG-_rvK28MRGFFZTtBNX1oV&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=35827208354728692942570658140409409333
https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%25...
https://aorta.clickagy.com/pixel.gif?ch=4&cm=c7fa7547-cdb6-4592-b620-8806696f2b4a&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZbG-_rvK28MRGFFZTtBNX1oV

43 B
61 B

43ms
42ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZbG-_rvK28MRGFFZTtBNX1oV
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:03 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:53:03 GMT
server: Aorta/20240123.c8db13cf4
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
location: https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZbG-_rvK28MRGFFZTtBNX1oV
access-control-allow-origin: *
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: b4aa6e3d59ea
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2

204

0.gif
x01.aidata.io/ Frame D34D
Redirect Chain

https://x01.aidata.io/0.gif?pid=LOTAME&id=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0
https://x01.aidata.io/0.gif?pid=LOTAME&id=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0&bounce=1

0
434 B

242ms
242ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LOTAME&id=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0&bounce=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:03 GMT
last-modified: Thu, 25 Jan 2024 01:53:02 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Thu, 25 Jan 2024 01:53:02 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:03 GMT
last-modified: Thu, 25 Jan 2024 01:53:02 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://x01.aidata.io/0.gif?pid=LOTAME&id=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0&bounce=1
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Thu, 25 Jan 2024 01:53:02 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame D34D
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0
https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=213640604772000971708&gdpr=0&gdpr_consent=

49 B
264 B

54ms
53ms

Image
image/gif

52.201.104.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=213640604772000971708&gdpr=0&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.201.104.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-104-25.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.60.70
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
via: 1.1 8fd19835f7197012a8cc880526cfcce2.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=213640604772000971708&gdpr=0&gdpr_consent=
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: 1coaxW6n5255ZGzn362iyRvS3Oxk1GbYF1Wx9yed2CG5VEcVvqMDOw==
expires: 0

GET 66.png
geo-um.btrll.com/v1/map_pixel/partner/ Frame D34D 0
0

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame D34D 0
675 B 178ms
73ms Image
text/plain 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=7&puid=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: b08401febecfa1b1a0c0270265f29df4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZbG_8AARAHb41ABH/ Frame D34D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZbG_8AARAHb41ABH/gdpr=0

49 B
265 B

221ms
220ms

Image
image/gif

52.201.104.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZbG_8AARAHb41ABH/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.201.104.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-104-25.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.50.207
content-length: 49
expires: 0

Redirect headers

x-served-by: cache-ewr18154-EWR
pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1706147582.034057,VS0,VE0
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZbG_8AARAHb41ABH/gdpr=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 382416.gif
idsync.rlcdn.com/ Frame D34D 42 B
60 B 213ms
210ms Image
image/gif 35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/382416.gif?partner_uid=cf48f38f57b5afc8f1fef27f7cc9f596&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:02 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

200

rand=403035228
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6295036647698144493/gdpr=0/ Frame D34D
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=403035228
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6295036647698144493/gdpr=0/rand=403035228

49 B
264 B

52ms
50ms

Image
image/gif

52.201.104.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6295036647698144493/gdpr=0/rand=403035228
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C154%2C150%2C142%2C136%2C135%2C125%2C115%2C108%2C105%2C103%2C100%2C94%2C89%2C80%2C79%2C76%2C65%2C40%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.201.104.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-104-25.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.60.73
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
an-x-request-uuid: 336e56d5-560d-4ea9-99f9-b370ac8999eb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6295036647698144493/gdpr=0/rand=403035228
x-proxy-origin: 206.66.96.82; 206.66.96.82; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame A670 11 KB
5 KB 57ms
52ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68119
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace153d9a041cd-EWR
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame B0D2 10 KB
2 KB 386ms
384ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:53:02 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame A670 75 KB
76 KB 85ms
83ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
age: 17
cdn-cachedat: 10/31/2023 19:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: abb9454d3c41a2f5bde30211edf852c6
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84ace153d85b43f8-EWR
cdn-requestpullsuccess: True

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 66A5 167 B
579 B 97ms
96ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H3

200

/ Show response
zona-bermain.com/live-singapore/ Frame 92E8
Redirect Chain

https://zona-bermain.com/live-singapore
https://zona-bermain.com/live-singapore/

95 KB
20 KB

600ms
599ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/live-singapore/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

195942ed277201c204d240ded105cd72f57d3f1cc7ecc88439e6d0d6f23f710b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/generator-line-angka/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:53:03 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/251>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=251>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:53:02 GMT
location: https://zona-bermain.com/live-singapore/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame A670 438 B
573 B 490ms
117ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mGENERATOR%20LINE%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:8617730&@b3:1706147582&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: c46c1b27ca2b58ed0f4d1b10192c4a936bee51bd70e71a8f4e8358325c72a2a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:02 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 9075
Redirect Chain

https://um.simpli.fi/lj_match?r=31838
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

163ms
162ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:53:02 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:53:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:53:02 GMT

GET
H3

200

362248.gif
idsync.rlcdn.com/ Frame 5BCD
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=42653
https://pippio.com/api/sync?pid=710914&_=3&it=4&iv=cbdcc14ccc7e4eab2efafef4f54d3155&it=4&iv=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&it=4&iv=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687...
https://rc.rlcdn.com/456809.gif?n=5&cparams=placement%3D710914
https://dpm.demdex.net/ibs:dpid=477&dpuuid=07aacaf693c37dbe55bca1f5acb328cea0304d6b63aaceb34d8084b81df7e6ddb0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BD...
https://idsync.rlcdn.com/362248.gif?partner_uid=35827208354728692942570658140409409333

42 B
60 B

59ms
58ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362248.gif?partner_uid=35827208354728692942570658140409409333
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:02 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

dcs: dcs-prod-va6-2-v053-0b264a712.edge-va6.demdex.com 1 ms
pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: Zmop321DToU=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://idsync.rlcdn.com/362248.gif?partner_uid=35827208354728692942570658140409409333
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 37AF 0
142 B 277ms
276ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=53886&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:02 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: ED31561567F84B2A8081953C7774E61C Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:53:02Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu3CUBk1ECibuybet1A==

GET
H3

200

403466.gif
idsync.rlcdn.com/ Frame DB4F
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=91546
https://pippio.com/api/sync?pid=710914&_=3&it=4&iv=cbdcc14ccc7e4eab2efafef4f54d3155&it=4&iv=6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68&it=4&iv=7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687...
https://rc.rlcdn.com/456809.gif?n=5&cparams=placement%3D710914
https://match.prod.bidr.io/cookie-sync/liveramp
https://idsync.rlcdn.com/403466.gif?partner_uid=AACipU7LY34AABLeucDDpQ

42 B
60 B

54ms
52ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/403466.gif?partner_uid=AACipU7LY34AABLeucDDpQ
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:02 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/403466.gif?partner_uid=AACipU7LY34AABLeucDDpQ
Date: Thu, 25 Jan 2024 01:53:02 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame FC0B 43 B
177 B 174ms
174ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame A670 18 KB
5 KB 259ms
259ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:02 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Thu, 01 Feb 2024 01:53:02 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame B0D2 15 KB
3 KB 251ms
250ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Thu, 01 Feb 2024 01:53:02 GMT

GET
H2

200

m
secure-gl.imrworldwide.com/cgi-bin/ Frame 9075
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=36332
https://pippio.com/api/sync?pid=710914&_=3&it=4&iv=b6ed657b7558e2ab9f72bb77bb3d8d44&it=4&iv=812703517bb6d912793822680b5e31867ce79140&it=4&iv=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af...
https://rc.rlcdn.com/456809.gif?n=6&cparams=placement%3D710914
https://loadm.exelator.com/load/?p=204&g=450&rluid=1c6000d0fcaff6e0f469cc647a7eebcf5f719e0a1f417d616adce4af9880963cf2fc7f7248dfd545&j=0
https://idsync.rlcdn.com/362708.gif?partner_uid=bf59567db7ef986f726c91f902181978
https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008tunTAKNbFC1W_1uPrAmzf_QsBtvQ-IPUsEwAg5eB1uo

44 B
705 B

303ms
95ms

Image
image/gif

2600:9000:211c:1200:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008tunTAKNbFC1W_1uPrAmzf_QsBtvQ-IPUsEwAg5eB1uo
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/
Protocol: H2
Server: 2600:9000:211c:1200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:03 GMT
via: 1.1 24d0edcfa57d0bf029e983a1d3e4649c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P4
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: fdt2pd_NkgMGmA-6eNakk7tD8KXJbHhzSJK_rlQJub6cAbXYeeIGXg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:53:03 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008tunTAKNbFC1W_1uPrAmzf_QsBtvQ-IPUsEwAg5eB1uo
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame B215 85 B
464 B 63ms
39ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725958
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: XJRJ010wRx2nfImLTMJdqkRwVa9q939iFjfHH8iUiXtEcpoGwqiq5Q==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 66A5 43 B
177 B 68ms
41ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:02 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 46AE 0
72 B 56ms
30ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zona-bermain.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 01:53:02 GMT
content-length: 0
vary: Origin

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 5BCD 0
143 B 150ms
126ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=24198&pu=https://zona-bermain.com/buku-mimpi-2d/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:02 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9311E00E64EE42FA8403D837AD4D7F76 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:53:02Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu3Cc0jtJEVxQX4mY9Q==

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 37AF
Redirect Chain

https://um.simpli.fi/lj_match?r=45132
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

29ms
23ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:53:02 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:53:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:53:02 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame DB4F 0
144 B 166ms
143ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=11306&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:02 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: ECE3E976BC2F48479BEC7096B892A6BE Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:53:02Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu3Cc43Or/XT+l8EHOA==

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame A670 13 KB
4 KB 57ms
37ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 52249
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace158cebb41cd-EWR
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame A670 7 KB
3 KB 220ms
200ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mGENERATOR%20LINE%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:8617730&@b3:1706147582&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 846260f5d8d2293aa1141976cee21a4e9a9ec5541dbf128dbe3a8638a828385d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:03 GMT
x-t: 0.22
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3T33f8RPNErtaQncgjXnOA4f2qWWXUu90dQWkL34CfyI006iGVVsZFJgUEm%2F%2FPQ%2Fjd2x2JEEBD5uQlDki9wBeSjwfuD4I1iyAZPfg7N%2B0F9T7rmLw4DkecqBrQlIC1UQhBvJiCYYoTiNj0E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace158cf1f8c15-EWR
expires: Thu, 25 Jan 2024 01:53:01 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame A670 230 B
530 B 32ms
21ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:53:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame A670 231 B
531 B 36ms
21ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:53:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame B0D2 11 KB
4 KB 56ms
40ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68119
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace158cebd41cd-EWR
content-length: 4547

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame B215 766 B
1 KB 36ms
35ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387472
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: GgCME-HA1zDUT1Cz7A-BXROl90eIopEFWdRhwF3qJbeJVtpJhTED1Q==

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame A91A 0
0 66ms
65ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=34952
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:53:03 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: oqNN_f2jp-AYFN7WD3b8SsUKlYHkdbA71GkUmRnm8VbyJTdpj8fSGw==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame B0D2 436 B
571 B 226ms
113ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:135551846&@b3:1706147583&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: b25cf944f2f16d5b989ba66f0f4b9f346e062e11d4775ba3346b33205356ea2e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:03 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame A670 0
453 B 42ms
40ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&r=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:03 GMT
x-t: 1
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XryJOPoXE%2Fhq52S6R1uGrlDL1ZorlbQN733qx12ZFMqtcZH4uDrSi3ljQbJ77K9xqfxtk706fIYMGPQrQiXIxnSI62c0lRJMRkotV80HgEovoJf%2BloDcOff8F8axSSEJOlKOzy%2F2mShEsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 84ace15b3e0dc32b-EWR
expires: Thu, 25 Jan 2024 00:59:10 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame A670 33 KB
11 KB 38ms
37ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70538
x-amz-cf-id: aiUm7Tcz1xjQPETtbti5wtHbA4t-XqY-GkO132X7UNvVspZXvr_dIQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame A670 0
319 B 199ms
198ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=5iljgda8np&_pv=8&_ls=16&_cc=us&_pl=d&_b=chrome%40120&_cbid=7hzw&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:03 GMT
x-t: 0.092
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVmDcZLs1kvcJ2J0gAbNujIg0MMuF0yBNYJn1Cv5m85eBZCLIUreiWoeUznvqTXAXdl%2B4HpsB7w96OsNGD5OzC1j7RUrt%2F%2F7sY%2BbjCwhJsb6JiS9tQKpj45YUUo%2Fm%2BSTDx8GSuU4EC%2FGd6k%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace15b39d48c15-EWR
expires: Thu, 25 Jan 2024 01:53:02 GMT

GET
H2 200 / Show response
dtsedge.com/ping/ Frame A670 0
447 B 254ms
102ms Script
application/javascript 2606:4700:3033::6815:e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dtsedge.com/ping/?t=300&d=zona-bermain.com
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:03 GMT
x-t: 0.43
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbFRygrBeAkATzF6ztpeMe04THUIVR%2Bwgx6hSqaesWIcuO6UceHFCdOKmV6ns4zdTMF%2FCkPAVQDAIRWwY7P9x%2F6YX2qVWF06G7TCccd1wMuwK824HKeWV2O0L8yaGXCr2L3ZP9mDW4ynQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 84ace15c3f8b0cc4-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame AB08 0
0 68ms
66ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=95242
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:53:03 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: IBrUmUD4Q5pXx1CzHyC0MVQtBEtwxiiDntJ_6rleD3E_kpnDVcAYjQ==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 5BCD
Redirect Chain

https://um.simpli.fi/lj_match?r=37974
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

30ms
30ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:53:03 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:53:03 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:53:03 GMT

GET
H3

200

362248.gif
idsync.rlcdn.com/ Frame 37AF
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=87806
https://pippio.com/api/sync?pid=710914&_=1&it=4&iv=b6ed657b7558e2ab9f72bb77bb3d8d44&it=4&iv=812703517bb6d912793822680b5e31867ce79140&it=4&iv=803b686e37528aed10c208d7a2f83fbfc648606e06783ea9b1ad23af...
https://rc.rlcdn.com/456809.gif?n=1&cparams=placement%3D710914
https://dpm.demdex.net/ibs:dpid=477&dpuuid=07aacaf693c37dbe55bca1f5acb328cea0304d6b63aaceb34d8084b81df7e6ddb0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BD...
https://idsync.rlcdn.com/362248.gif?partner_uid=35827208354728692942570658140409409333

42 B
62 B

60ms
60ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362248.gif?partner_uid=35827208354728692942570658140409409333
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:03 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

dcs: dcs-prod-va6-2-v053-0b8084923.edge-va6.demdex.com 4 ms
pragma: no-cache
date: Thu, 25 Jan 2024 01:53:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: AoBxNCf6SjM=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://idsync.rlcdn.com/362248.gif?partner_uid=35827208354728692942570658140409409333
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 8432 85 B
465 B 58ms
41ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725959
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: scyxEGN-UhuC-zMW6Wv3aEmBwYuUaHYGggXrDqK5sRPA0oyZaZ0YLg==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame DB4F
Redirect Chain

https://um.simpli.fi/lj_match?r=58604
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

25ms
24ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:53:03 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:53:03 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:53:03 GMT

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 92E8 107 KB
13 KB 263ms
252ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Thu, 01 Feb 2024 01:53:03 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 92E8 227 B
271 B 259ms
249ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:03 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Thu, 01 Feb 2024 01:53:03 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 92E8 2 KB
374 B 261ms
250ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Thu, 01 Feb 2024 01:53:03 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 92E8 28 KB
8 KB 264ms
253ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Thu, 01 Feb 2024 01:53:03 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 92E8 3 KB
827 B 259ms
250ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Thu, 01 Feb 2024 01:53:03 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 92E8 86 KB
29 KB 272ms
263ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Thu, 01 Feb 2024 01:53:03 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 92E8 13 KB
5 KB 337ms
330ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Thu, 01 Feb 2024 01:53:03 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 92E8 157 KB
26 KB 40ms
33ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:53:03 GMT
x-content-type-options: nosniff
content-encoding: br
age: 26461296
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 92E8 30 KB
7 KB 52ms
46ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 4894943
cdn-cachedat: 10/31/2023 18:48:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9e61a4e37a75208649ae6b63a0cb4f72
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84ace15c7cd8423a-EWR
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 92E8 21 KB
8 KB 41ms
36ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:53:03 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11977789
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 92E8 62 KB
16 KB 50ms
45ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:53:03 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7948471
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-etou8220064-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 0.png
zona-bermain.com/script/ Frame 92E8 25 KB
25 KB 333ms
328ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:03 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Thu, 01 Feb 2024 01:53:03 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 92E8 25 KB
25 KB 335ms
330ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:03 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Thu, 01 Feb 2024 01:53:03 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 92E8 25 KB
25 KB 274ms
273ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:03 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Thu, 01 Feb 2024 01:53:03 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 92E8 25 KB
25 KB 275ms
274ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:03 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Thu, 01 Feb 2024 01:53:03 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame 92E8 24 KB
24 KB 305ms
296ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Thu, 01 Feb 2024 01:53:04 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 92E8 25 KB
25 KB 289ms
280ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Thu, 01 Feb 2024 01:53:04 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 92E8 24 KB
24 KB 306ms
297ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Thu, 01 Feb 2024 01:53:04 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 92E8 25 KB
25 KB 333ms
324ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Thu, 01 Feb 2024 01:53:04 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 92E8 25 KB
25 KB 334ms
326ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Thu, 01 Feb 2024 01:53:04 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 92E8 43 B
182 B 209ms
88ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:04 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 92E8 3 KB
1 KB 286ms
279ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Thu, 01 Feb 2024 01:53:04 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 92E8 8 KB
2 KB 250ms
249ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Thu, 01 Feb 2024 01:53:04 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 92E8 6 KB
2 KB 252ms
250ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Thu, 01 Feb 2024 01:53:04 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 92E8 112 KB
34 KB 284ms
275ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Thu, 01 Feb 2024 01:53:04 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 92E8 4 KB
2 KB 281ms
272ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Thu, 01 Feb 2024 01:53:04 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 8432 766 B
1 KB 42ms
41ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387474
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: kssZTjwa40_LswSLZpMeA1FBauTZjXBulFwm3LR1o22F3MYkkTcRKA==

GET
H2

200

p2
ads.scorecardresearch.com/ Frame FC0B
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=61828
https://pippio.com/api/sync?pid=710914&_=1&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac...
https://rc.rlcdn.com/456809.gif?n=2&cparams=placement%3D710914
https://ads.scorecardresearch.com/p?c1=9&c2=17057153&c3=1&c6=6aa1ba4f81cf87f609b89c22dcc5b8d5709d81e0a7b62e60b663fc0ee4ac9121ffebc811cafadc33&placement=710914&cj=1&rn=04667195
https://ads.scorecardresearch.com/p2?c1=9&c2=17057153&c3=1&c6=6aa1ba4f81cf87f609b89c22dcc5b8d5709d81e0a7b62e60b663fc0ee4ac9121ffebc811cafadc33&placement=710914&cj=1&rn=04667195

43 B
299 B

63ms
62ms

Image
image/gif

18.164.116.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.scorecardresearch.com/p2?c1=9&c2=17057153&c3=1&c6=6aa1ba4f81cf87f609b89c22dcc5b8d5709d81e0a7b62e60b663fc0ee4ac9121ffebc811cafadc33&placement=710914&cj=1&rn=04667195
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: H2
Server: 18.164.116.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-98.jfk50.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
via: 1.1 4229f114865802c4acd3e785fddcbf9c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: Loc_zJlOgCU4b4GZU7wemgF-UgwdLtZ5IfE0ujSOmixdPbl6_rGG8A==

Redirect headers

date: Thu, 25 Jan 2024 01:53:04 GMT
via: 1.1 4229f114865802c4acd3e785fddcbf9c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
location: /p2?c1=9&c2=17057153&c3=1&c6=6aa1ba4f81cf87f609b89c22dcc5b8d5709d81e0a7b62e60b663fc0ee4ac9121ffebc811cafadc33&placement=710914&cj=1&rn=04667195
content-length: 0
x-amz-cf-id: i31kih5fGSSm4PO0uZl-dMDt4jjLCvPaKCtKOWgJRHfb_D1LQE0XiA==

GET
H2

204

CookieSyncThrotle
rtb.adentifi.com/ Frame 9075
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
https://rtb.adentifi.com/CookieSyncThrotle?

0
287 B

199ms
45ms

Image
text/plain

54.166.215.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncThrotle?
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/
Protocol: H2
Server: 54.166.215.153 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-166-215-153.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT

Redirect headers

location: https://rtb.adentifi.com/CookieSyncThrotle?
date: Thu, 25 Jan 2024 01:53:04 GMT
content-type: text/html; charset=utf-8
content-length: 66
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H3

200

367408.gif
idsync.rlcdn.com/ Frame 66A5
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=74324
https://pippio.com/api/sync?pid=710914&_=1&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac...
https://rc.rlcdn.com/456809.gif?n=8&cparams=placement%3D710914
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTk1NjkwMzUvdC8y/dpuid/c2fdebda7c8a0316f848e163e1611f1d0a9b33bd80993b6c7b65188d1c2c98e13528d9f17d145da0/url/https://idsync.rlcdn.com/367408.gif?partner_ui...
https://idsync.rlcdn.com/367408.gif?partner_uid=2466746828872905745

42 B
65 B

57ms
55ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/367408.gif?partner_uid=2466746828872905745
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/367408.gif?partner_uid=2466746828872905745
pragma: no-cache
date: Thu, 25 Jan 2024 01:53:03 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

367408.gif
idsync.rlcdn.com/ Frame 5BCD
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=6818
https://pippio.com/api/sync?pid=710914&_=3&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac...
https://rc.rlcdn.com/456809.gif?n=7&cparams=placement%3D710914
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTk1NjkwMzUvdC8y/dpuid/c2fdebda7c8a0316f848e163e1611f1d0a9b33bd80993b6c7b65188d1c2c98e13528d9f17d145da0/url/https://idsync.rlcdn.com/367408.gif?partner_ui...
https://idsync.rlcdn.com/367408.gif?partner_uid=2466746828872905745

42 B
65 B

73ms
70ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/367408.gif?partner_uid=2466746828872905745
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/367408.gif?partner_uid=2466746828872905745
pragma: no-cache
date: Thu, 25 Jan 2024 01:53:03 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame BD5A 85 B
464 B 92ms
71ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725960
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: PmPbRREt8pnsY6paHxTgQ-6dBFhyAjJIu57bAu4uSB_O7XC1aX-05w==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3

200

360787.gif
idsync.rlcdn.com/ Frame DB4F
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=1955
https://pippio.com/api/sync?pid=710914&_=1&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac...
https://rc.rlcdn.com/456809.gif?n=7&cparams=placement%3D710914
https://pm.w55c.net/ping_match.gif?st=LIVERAMP&rurl=https%3A%2F%2Fidsync.rlcdn.com%2F360787.gif%3Fserved_by%3Devergreen%26partner_uid%3D_wfivefivec_
https://idsync.rlcdn.com/360787.gif?served_by=evergreen&partner_uid=TN3E0Vtl1RsOVn5

42 B
65 B

73ms
70ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360787.gif?served_by=evergreen&partner_uid=TN3E0Vtl1RsOVn5
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:53:03 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-027281cc20231ba2b@us-east-1b@dxedge-app-us-east-1-prod-asg
Location: https://idsync.rlcdn.com/360787.gif?served_by=evergreen&partner_uid=TN3E0Vtl1RsOVn5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 0D4F 85 B
464 B 132ms
112ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725960
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: THYm5PktU7UgdZ7RmZ5pR1mPWlxn0_QwNKa0NrKMsYgYLW9SpgvmVA==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame B0D2 22 KB
12 KB 62ms
60ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 28794
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace160d94c41cd-EWR
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame B0D2 6 KB
3 KB 228ms
227ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:135551846&@b3:1706147583&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41f15a6d3a660457b1539972005dd30add9c7a80ac04fec9a079f9bdd74851c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
x-t: 0.228
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdMvh%2BPQqQ5mXwXyez4IGj3R%2F5Zk7QcD%2BYpfIxQAFvi0lzDGUSeyaM%2FxbL2t0nmu4e3i5idlnkSJ0EXWO3SwZ6606y4iTfu5mezrAeSQcONY1kp4Hu8o9%2BFeoqQn%2Fabzmckyyu%2F%2FqKGO3EE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace160d8528c15-EWR
expires: Thu, 25 Jan 2024 01:53:03 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame A670 5 KB
2 KB 70ms
63ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 302
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 7QkwckypintdUYTTYw9aq3q8GOCeZYhdlRarwqF4PNKs4lnFXRxEYQ==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame BD5A 766 B
1 KB 57ms
51ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387474
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: R4fWHygjy-_qM1p5G26__KGdA98VnzDk5F0v3WYysD1KBVoG4PuRvw==

GET
H2 200 livesgp.php Show response
w1.bungaprediction.com/ Frame 6547 849 B
787 B 2167ms
543ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://w1.bungaprediction.com/livesgp.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/8.1.27

Resource Hash

550ebaf92e9edd8e43ef8a2a61c54addc198d9b6e46a16c79096fde2d2e38be6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 412
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:53:06 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27

GET
H2 200 live4dsgp.php Show response
opesia.vip/iframe-live/ Frame A377 17 KB
2 KB 1462ms
1212ms Document
text/html 2606:4700:3036::ac43:8f7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://opesia.vip/iframe-live/live4dsgp.php
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8f7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0b21457a580b5103d86ffe6b3886f8ffb80a7549014e3a87289f2627a85988c

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ace1634cda17e9-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyxOwtJmfZGaBRZxvSyNTFq%2BK2sa9jmncm0GiVQvuSGOeu4sTcYW2wRXhtpcSsDRoPoK1jG5xMPHotbLHeoCbb4DzXWVkg%2BwIXcR1OflJep90ajqKYb%2Bsx7gEZ4DaYVu7eL17V4Os7cT"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 livetotosgp.php Show response
opesia.vip/iframe-live/ Frame 74A9 10 KB
2 KB 1446ms
1197ms Document
text/html 2606:4700:3036::ac43:8f7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://opesia.vip/iframe-live/livetotosgp.php
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8f7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 505493895ef8283ca4e078ef974e7696c6de28d3f697bcecb1a4ffad58bb7380

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ace1634cdc17e9-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WdG6wn1XT%2Fru2eNyNgzzzxXG2NnKIgOMatqKOlHK6U7Fv5DoC2Uw9u37gKir4nJ%2F%2FWt4hrHZpgF1BnFkdh2j1ur2GdDQQd1P%2FwVcLT5ksgjgGi1574qcoJgRdLFxg2WNe642MiEBXkl"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 92E8 11 KB
5 KB 77ms
68ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68121
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace161cba741cd-EWR
content-length: 4547

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 0D4F 766 B
1 KB 41ms
40ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387474
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: _COYKuh-ESqNV8LIoGSmaMB3psxhlZb4j6R0DaLhyZdGwlb-wEfDNA==

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 92E8 75 KB
76 KB 132ms
131ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
age: 19
cdn-cachedat: 10/31/2023 19:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: abb9454d3c41a2f5bde30211edf852c6
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84ace161fac343f8-EWR
cdn-requestpullsuccess: True

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame 1878 10 KB
2 KB 259ms
258ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:53:04 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 5D44 0
72 B 88ms
87ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaptenoleng.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 01:53:04 GMT
content-length: 0
vary: Origin

GET
H3

200

/ Show response
zona-bermain.com/buku-mimpi-4d/ Frame CBCF
Redirect Chain

https://zona-bermain.com/buku-mimpi-4d
https://zona-bermain.com/buku-mimpi-4d/

166 KB
35 KB

496ms
493ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/buku-mimpi-4d/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

9c26961d3cf34f32904ea3ed3e0eebac1fcb99a9fe4c4d6c14a2e9dbb4fe53fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/live-singapore/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:53:05 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/220>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=220>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:53:04 GMT
location: https://zona-bermain.com/buku-mimpi-4d/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame A670 167 B
580 B 38ms
37ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 92E8 438 B
573 B 200ms
82ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20SINGAPORE%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:106369357&@b3:1706147584&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Flive-singapore%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 4575d59a004cffff6808cd267bd0262a70166046a5754082a8747505d28b5999

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:04 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame B0D2 0
455 B 53ms
44ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
x-t: 1.26
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yh8kvmqJB56i9CVkQxQEkdoBipiiX1Vcv7Br17LTpvJEEYaA8CiWaCAf6GiI0dU9EQenGlWFx4h3Qf9%2FRBQhjvz966QeiC8vGX4%2BTmdiQBwDHa5x62wgRb7clQWWnn%2FZtFY6bAswgLlPQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 84ace1631cacc32b-EWR
expires: Thu, 25 Jan 2024 01:53:36 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame B0D2 33 KB
11 KB 54ms
44ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70539
x-amz-cf-id: GG05vjn49hj6zFjaccDJwd-Ywdvsjw_OrFvED3qg_yd8P6qQFwmwbA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame B0D2 0
287 B 207ms
198ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=19y6lc0ayp&_pv=8&_ls=14&_cc=us&_pl=d&_b=chrome%40120&_cbid=gsed&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
x-t: 0.089
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PafBzUo8%2B4vgzH4k5Ly4yakl5IlWqMwOSCfp4OMFTgrkVr2cxtj9mJDH%2B%2FtZHlfM1Nfp16uSsmexBeHM0DIKS5NJXGALJjVLL%2FmfyXsDpi4oDUh9EUt3OBaZ7wvlBY9lDiBe6TAA%2BgygUbs%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace1631b5e8c15-EWR
expires: Thu, 25 Jan 2024 01:53:03 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame FC0B 0
229 B 142ms
130ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=64890&pu=https://zona-bermain.com/paito-warna-taiwan/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 03B74AFF613C40F18A647D6CF99F6213 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:53:04Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu3C3Gm7l4ghGNKUFBA==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 66A5 0
144 B 142ms
141ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=17641&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6769DC2CFB9E4A69842C6460CD7987B9 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:53:04Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu3C4EPBZZ4ZZdtbT2w==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame B0D2 5 KB
2 KB 39ms
38ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 302
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: tydnnQU39dbpJnSFIifP3bH-23yAVOCsEM2botCs3z6ja1RDorQCew==

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 1878 15 KB
3 KB 269ms
268ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Thu, 01 Feb 2024 01:53:04 GMT

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 92E8 18 KB
5 KB 252ms
251ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Thu, 01 Feb 2024 01:53:04 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 92E8 13 KB
4 KB 55ms
52ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 52251
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace165687e41cd-EWR
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 92E8 6 KB
3 KB 232ms
229ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Flive-singapore%2F&j=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20SINGAPORE%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:106369357&@b3:1706147584&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Flive-singapore%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07309b4c9b90ef5e7845f16c6512856e2ed3f079721c33e62e8e6f3070809a57

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:05 GMT
x-t: 0.273
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtzPcZLNdV9w%2FcPrXhbCQ3rCHf2Kva%2F%2Fm4yV3pP4ZZ8HcUj6oR4GaAzUe7gVoNSEq32i6gIx2HBg3zt1B3RyKGv5cVvr6qVBobFvd9Ln4FKmKHX8N1jxg5GmTongZOIQz87zDDjWzfYbvEI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace1657ea68c15-EWR
expires: Thu, 25 Jan 2024 01:53:04 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame B0D2 167 B
579 B 44ms
42ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H2 204 sync
thrtle.com/ Frame 37AF 0
473 B 32ms
32ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-2d/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:05 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 1878 11 KB
5 KB 38ms
37ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68122
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace166d9ea41cd-EWR
content-length: 4547

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 92E8 230 B
530 B 23ms
22ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:53:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 92E8 231 B
531 B 23ms
22ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:53:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame FC0B
Redirect Chain

https://um.simpli.fi/lj_match?r=25266
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

25ms
23ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:53:05 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:53:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:53:05 GMT

GET
H2

204

sync
thrtle.com/ Frame 5BCD
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
https://ib.adnxs.com/getuid?https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5006%26vxii_pdid%3D%24UID%26vxii_ts%3D29%26_t%3D1706147585%26_reach%3D1
https://thrtle.com/sync?vxii_pid=5006&vxii_pdid=6295036647698144493&vxii_ts=29&_t=1706147585&_reach=1
https://sync-tm.everesttech.net/upi/pid/EhuOE4dM?redir=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5032%26vxii_pdid%3D%24%7BTM_USER_ID%7D%26vxii_ts%3D31%26_reach%3D1
https://thrtle.com/sync?vxii_pid=5032&vxii_pdid=ZbG_8AARAHb41ABH&vxii_ts=31&_reach=1

0
473 B

67ms
66ms

Image
text/plain

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5032&vxii_pdid=ZbG_8AARAHb41ABH&vxii_ts=31&_reach=1
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:05 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

Redirect headers

x-served-by: cache-ewr18154-EWR
pragma: no-cache
date: Thu, 25 Jan 2024 01:53:05 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1706147585.312766,VS0,VE0
x-cache: HIT
location: https://thrtle.com/sync?vxii_pid=5032&vxii_pdid=ZbG_8AARAHb41ABH&vxii_ts=31&_reach=1
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame A670 43 B
177 B 42ms
41ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:05 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 66A5
Redirect Chain

https://um.simpli.fi/lj_match?r=72028
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

23ms
23ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:53:05 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:53:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:53:05 GMT

GET
H2 204 sync
thrtle.com/ Frame DB4F 0
473 B 63ms
55ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:05 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 92E8 0
555 B 41ms
41ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Flive-singapore%2F&r=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Flive-singapore%2F&j=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:05 GMT
x-t: 1.03
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6u4P0JdIH0EOXQfm7xrGbvd4qTty5LAQQ5gGRVtw5hIY4qDkkOLcFd4A0JnSFabn8oVeUgUKb4oUOvPcgJHrGzmpASVmxw0%2FzvPSwXAArMFsjxSrLw0E6VyK%2Bk8IaawNeailggju7QbEhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 84ace167a8a2c32b-EWR
expires: Thu, 25 Jan 2024 00:59:12 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 92E8 33 KB
11 KB 38ms
37ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Flive-singapore%2F&j=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70540
x-amz-cf-id: iKye-4rZpxv4Do2QWQ0RK3HmkfMcxdKVWwbNjTQp2VxnRz_1UH4ZBg==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 92E8 0
370 B 207ms
206ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=5iljgda8np&_pv=9&_ls=18&_cc=us&_pl=d&_b=chrome%40120&_cbid=6rks&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Flive-singapore%2F&j=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:05 GMT
x-t: 0.11
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lizThZj1zcwT67jAe35NplqUc7rWVC1FroJqV2DV7wFdycISm20hGI%2FT3oiXszvEzGZCT2RbK5PNoJdBT2Mjkt15WH0JhxcvqnyoVaoKq8N7oTAdh83DbJ8EMyRLMvHFiTeTSo6N6NUirEM%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace167a98b8c15-EWR
expires: Thu, 25 Jan 2024 01:53:04 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame B0D2 43 B
177 B 40ms
40ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:05 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H3

200

360947.gif
idsync.rlcdn.com/ Frame FC0B
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=99281
https://pippio.com/api/sync?pid=710914&_=3&it=4&iv=d0ebd870e62417c041b1cfaabc5fab5b&it=4&iv=58964d2aebc4d92593ca3b3153c99cd867f2acf2&it=4&iv=4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac...
https://rc.rlcdn.com/456809.gif?n=3&cparams=placement%3D710914
https://p.rfihub.com/cm?in=1&pub=1961
https://idsync.rlcdn.com/360947.gif?partner_uid=997336248764543702

42 B
65 B

54ms
53ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=997336248764543702
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://idsync.rlcdn.com/360947.gif?partner_uid=997336248764543702
Date: Thu, 25 Jan 2024 01:53:06 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 7B5C 85 B
464 B 41ms
38ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725961
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: 983SfyWiyB18th_-Vst4mXisRmn-VEh3kDNUWTaQUSQh2ZTIg83GAg==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 0AA6 0
0 68ms
67ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=39723
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:53:05 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: d3DPsnbPXTqeetvCQUHoqwa3QdpOCPlA8ApMTh_QMCDEUnqsAHSjAg==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H2

200

s.pixel
aa.agkn.com/adscores/ Frame 66A5
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=86054
https://aa.agkn.com/adscores/s.pixel?sid=9112307438&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=openx

43 B
655 B

38ms
38ms

Image
image/gif

13.225.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/s.pixel?sid=9112307438&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=openx
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: H2
Server: 13.225.214.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-117.ewr50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:05 GMT
via: 1.1 8fd19835f7197012a8cc880526cfcce2.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: Xlbctb03YUyD-VNWRBi_4Z9vBSrkNAnwRoZyaBcrEYqPu1ompenNOw==
expires: 0

Redirect headers

Location: https://aa.agkn.com/adscores/s.pixel?sid=9112307438&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=openx
Date: Thu, 25 Jan 2024 01:53:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 2327 85 B
465 B 66ms
65ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725961
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: OvmpFzXUCzZYRF0MiLWZde385B3q0ROdAnR9jCUzuzmTkdhqLTplsg==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame CBCF 107 KB
13 KB 262ms
260ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:05 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Thu, 01 Feb 2024 01:53:05 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame CBCF 227 B
337 B 258ms
254ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame CBCF 2 KB
392 B 259ms
254ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame CBCF 28 KB
8 KB 262ms
258ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame CBCF 3 KB
827 B 259ms
256ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame CBCF 86 KB
29 KB 270ms
267ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame CBCF 13 KB
5 KB 267ms
264ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame CBCF 157 KB
26 KB 42ms
38ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:53:05 GMT
x-content-type-options: nosniff
content-encoding: br
age: 26461299
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame CBCF 30 KB
7 KB 45ms
42ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 4894945
cdn-cachedat: 10/31/2023 18:48:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9e61a4e37a75208649ae6b63a0cb4f72
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84ace16bcda1423a-EWR
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame CBCF 21 KB
8 KB 42ms
39ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:53:05 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11977791
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame CBCF 62 KB
16 KB 43ms
40ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:53:05 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7948473
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-etou8220064-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 0.png
zona-bermain.com/script/ Frame CBCF 25 KB
25 KB 260ms
257ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame CBCF 25 KB
25 KB 271ms
267ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame CBCF 25 KB
25 KB 250ms
249ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame CBCF 25 KB
25 KB 253ms
252ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame CBCF 24 KB
24 KB 268ms
266ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame CBCF 25 KB
25 KB 270ms
268ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame CBCF 24 KB
24 KB 272ms
271ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame CBCF 25 KB
25 KB 275ms
273ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame CBCF 25 KB
25 KB 388ms
387ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame CBCF 43 B
182 B 157ms
43ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:06 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame CBCF 3 KB
1 KB 250ms
250ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame CBCF 8 KB
2 KB 249ms
247ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame CBCF 6 KB
2 KB 251ms
249ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame CBCF 112 KB
34 KB 254ms
252ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame CBCF 4 KB
2 KB 251ms
249ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H2 200 jquery-3.1.1.js Show response
code.jquery.com/ Frame 74A9 261 KB
77 KB 143ms
35ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.js
Requested by: Host: opesia.vip
URL: https://opesia.vip/iframe-live/livetotosgp.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d7a71d3dd740e95755227ba6446a3a21b8af6c4444f29ec2411dc7cd306e10b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opesia.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4911172
x-cache: HIT, HIT
content-length: 78665
x-served-by: cache-lga21952-LGA, cache-ewr18142-EWR
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1706147586.006221,VS0,VE0
etag: W/"28feccc0-413ba"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 22796, 84

GET
H2 200 toto.png
2.bp.blogspot.com/-mMUpx0rgL0c/YFwbqYO3cTI/AAAAAAAByTE/gTSMw-u8nmIP53Z3D43cUNneBAxMhqrqwCLcBGAsYHQ/s0/ Frame 74A9 51 KB
51 KB 168ms
141ms Image
image/png 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-mMUpx0rgL0c/YFwbqYO3cTI/AAAAAAAByTE/gTSMw-u8nmIP53Z3D43cUNneBAxMhqrqwCLcBGAsYHQ/s0/toto.png

Requested by

Host: opesia.vip
URL: https://opesia.vip/iframe-live/livetotosgp.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2b69ca2d96dbc0f2a379bbd26934f43a9f6861c9243cfb69790cda79b6e75653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opesia.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c932"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="toto.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51751
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:53:06 GMT

GET
H2 200 jquery-3.1.1.js Show response
code.jquery.com/ Frame A377 261 KB
77 KB 140ms
35ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.js
Requested by: Host: opesia.vip
URL: https://opesia.vip/iframe-live/live4dsgp.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d7a71d3dd740e95755227ba6446a3a21b8af6c4444f29ec2411dc7cd306e10b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opesia.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4911172
x-cache: HIT, HIT
content-length: 78665
x-served-by: cache-lga21952-LGA, cache-ewr18142-EWR
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1706147586.006153,VS0,VE0
etag: W/"28feccc0-413ba"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 22796, 83

GET
H3 200 sgp4d.png
4.bp.blogspot.com/-pUYQRQaG9ps/XnyNdOdNz6I/AAAAAAAAM-c/oVycPYCgL_cbRWvC-XN6POK6VAPgieaUQCLcBGAsYHQ/s1600/ Frame A377 6 KB
6 KB 291ms
290ms Image
image/png 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-pUYQRQaG9ps/XnyNdOdNz6I/AAAAAAAAM-c/oVycPYCgL_cbRWvC-XN6POK6VAPgieaUQCLcBGAsYHQ/s1600/sgp4d.png

Requested by

Host: opesia.vip
URL: https://opesia.vip/iframe-live/live4dsgp.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4d2a469f5bda567e36b480b20468c37779aa0a7e338733b741a26378112fb572

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opesia.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
x-content-type-options: nosniff
server: fife
etag: "v33e8"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="sgp4d.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5690
x-xss-protection: 0
expires: Fri, 26 Jan 2024 01:53:06 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 7B5C 766 B
1 KB 36ms
36ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387475
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 9B5bDRSybunRTTOyPPUd5NBiOwD_ZMTgeqnbbI3JUXanHD28ztQk0A==

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 4D9C 0
72 B 32ms
31ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zona-bermain.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 01:53:06 GMT
content-length: 0
vary: Origin

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 2327 766 B
1 KB 37ms
36ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387476
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: RaTYGulDaqk90cm7oyU8aT0kbv1t0r249v1lhU1gTOyxE1Bx0zF_qg==

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame 1878 436 B
571 B 172ms
86ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:193260420&@b3:1706147586&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: b25cf944f2f16d5b989ba66f0f4b9f346e062e11d4775ba3346b33205356ea2e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:06 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 92E8 5 KB
2 KB 39ms
38ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 304
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: E55fpMon_BNAUueWQ2QjLoB3jxVpzqikm47W7tVUEcNp6ww_mQlmQg==

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 6CF0 0
0 63ms
62ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=83762
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:53:06 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: NiynMoe5NTOxa8LAll4KkOHnluXqof7Q82jJgy6I7wI6b0mf0NtHNg==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H2

200

s.pixel
aa.agkn.com/adscores/ Frame A670
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=70277
https://aa.agkn.com/adscores/s.pixel?sid=9112307468&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=sovrn

43 B
655 B

33ms
32ms

Image
image/gif

13.225.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/s.pixel?sid=9112307468&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=sovrn
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: H2
Server: 13.225.214.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-117.ewr50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:06 GMT
via: 1.1 8fd19835f7197012a8cc880526cfcce2.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: 5AloSwEpfbBrYhZDchmk5WIug93TzSEhdDHZ02Tb4fsgm2koviTjPA==
expires: 0

Redirect headers

Location: https://aa.agkn.com/adscores/s.pixel?sid=9112307468&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=sovrn
Date: Thu, 25 Jan 2024 01:53:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 4

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 92E8 167 B
580 B 23ms
23ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 6540 0
72 B 80ms
79ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaptenoleng.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 01:53:06 GMT
content-length: 0
vary: Origin

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame CBCF 11 KB
5 KB 41ms
40ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68123
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace16eab5241cd-EWR
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame 6EE7 10 KB
2 KB 256ms
256ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:53:06 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 1878 22 KB
12 KB 55ms
55ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 28796
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace16ecb7541cd-EWR
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 1878 6 KB
3 KB 206ms
206ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:193260420&@b3:1706147586&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9055b52f00a8f9a287b035f0a8b5516d25b5cc499db38af730030502a74f5a50

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
x-t: 0.25
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtB1k43%2FIii2mRI4zMEsJLHuYJ0R7topJJniK2X3RaB5u0ahC3%2FpUmPTyiYAOth%2Fchep7Bxf1%2B7%2Bi5MBHj%2FhrQZErcmBS7dTGoKbHQ8wtX2%2F76Qv%2B686K7NghqJS0wB%2Fb3KQ1KOsrQBSrAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace16ebd198c15-EWR
expires: Thu, 25 Jan 2024 01:53:05 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame CBCF 75 KB
76 KB 49ms
48ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
age: 21
cdn-cachedat: 10/31/2023 19:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: abb9454d3c41a2f5bde30211edf852c6
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84ace16eebfb43f8-EWR
cdn-requestpullsuccess: True

GET
H3

200

/ Show response
zona-bermain.com/rekap-kumat/ Frame 889D
Redirect Chain

https://zona-bermain.com/rekap-kumat
https://zona-bermain.com/rekap-kumat/

96 KB
20 KB

469ms
468ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/rekap-kumat/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

8001f648aeb9fc120cf21e4fb1cb72ddc5a3af813c0fcdf325781550bc5e5fb6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/buku-mimpi-4d/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:53:07 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/191>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=191>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:53:06 GMT
location: https://zona-bermain.com/rekap-kumat/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H2 200 live-draw-sgp.php Show response
wblog.xyz/ Frame 4AE8 951 B
708 B 1890ms
537ms Document
text/html 45.76.151.5

General

Check archive.org

Show headers Download Go to

Full URL

https://wblog.xyz/live-draw-sgp.php

Requested by

Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/livesgp.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.76.151.5 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

454908a280d65f7e7f396b24e333b144e8865b61f761d99b09d97cae0610605c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://w1.bungaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:53:08 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 6547 11 KB
5 KB 42ms
38ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/livesgp.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68123
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace16fdc8041cd-EWR
content-length: 4547

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame CBCF 438 B
573 B 174ms
86ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBUKU%20MIMPI%204D%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Flive-singapore%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:17520626&@b3:1706147587&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-4d%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 4575d59a004cffff6808cd267bd0262a70166046a5754082a8747505d28b5999

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:06 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 1878 0
453 B 44ms
41ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
x-t: 2.36
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAhYkWzqQFIcEik2nrtL5KEXl5e3jk0p9ORkuR0GbJqETTdYl6Rl8W41doU6vgEaZ23b2ys72mMuCxK5BFQjkSX9bs7zNBQhRkLyTu4CAIjhgCQ0JGqqOapDx%2F5QtRXE8r104RsP4ubOMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 84ace1702f09c32b-EWR
expires: Wed, 24 Jan 2024 23:32:51 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 1878 33 KB
11 KB 47ms
45ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70541
x-amz-cf-id: b6zmEkb4LyyGptGAAd6cYN7RB6XhTfZTu5uYzf8CC3V6NFtxLBmWzw==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 1878 0
285 B 201ms
199ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=19y6lc0ayp&_pv=9&_ls=16&_cc=us&_pl=d&_b=chrome%40120&_cbid=57s7&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
x-t: 0.085
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2A0Tcf2HkkUt6wTHwwfA6PwGbzfVq1OQWWZ5rQNukwAld70Uh5Ov%2FicoXBufbUJqdCqxVTPT3qjSQD0Ih%2BbQkWG1xCktX3n%2F7Gm5YwnDplCk0SDZasXbX5B13%2FwXoMp3EttOmSe6EWth3IA%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace1702ecc8c15-EWR
expires: Thu, 25 Jan 2024 01:53:05 GMT

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame CBCF 18 KB
5 KB 248ms
248ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H2

200

s.pixel
aa.agkn.com/adscores/ Frame B0D2
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=3614
https://aa.agkn.com/adscores/s.pixel?sid=9112307488&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=li

43 B
655 B

29ms
29ms

Image
image/gif

13.225.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/s.pixel?sid=9112307488&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=li
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: H2
Server: 13.225.214.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-117.ewr50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:06 GMT
via: 1.1 8fd19835f7197012a8cc880526cfcce2.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: w5MfqI1fCAYsxvCSDrWqH8ss8kZng-BgVy8CDz-1O9M5d6iqqfNGLg==
expires: 0

Redirect headers

Location: https://aa.agkn.com/adscores/s.pixel?sid=9112307488&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=li
Date: Thu, 25 Jan 2024 01:53:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 8

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 6EE7 15 KB
3 KB 258ms
258ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Thu, 01 Feb 2024 01:53:06 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame A670 0
145 B 132ms
129ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=63797&pu=https://zona-bermain.com/prediksi-taiwan/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E978B6948BEF4FD78BEB31F655EDE659 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:53:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu3DYe+SM7fOVeEfSrQ==

GET
H2 204 sync
thrtle.com/ Frame FC0B 0
473 B 59ms
56ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2 204 sync
thrtle.com/ Frame 66A5 0
473 B 59ms
57ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H/1.1 200
OK 4585452.php Show response
s4.histats.com/stats/ Frame 6547 436 B
571 B 240ms
111ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4585452.php?4585452&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s329&@ten-US&@u1600&@b1:-188783659&@b3:1706147587&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fw1.bungaprediction.com%2Flivesgp.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: ad134decb67c5a253c36cc63d2d463d997d340f7b7500ab7e3cdcfcad2a63ece

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:06 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 1878 5 KB
2 KB 43ms
37ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 304
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: YKGz87EGDUeqJQBCgpO4R4LWgzJAjHeQTdP6_FGaKu-O2LVzUUUL7A==

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame CBCF 13 KB
4 KB 39ms
38ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 52253
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace171ce8941cd-EWR
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame CBCF 6 KB
3 KB 208ms
207ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-4d%2F&j=https%3A%2F%2Fzona-bermain.com%2Flive-singapore%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBUKU%20MIMPI%204D%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Flive-singapore%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:17520626&@b3:1706147587&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-4d%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40ebc0090e633530b750cc19e0a9ddc7aacaea9313a0648767d5b1af5399463

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
x-t: 0.236
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vckiNP%2BNj9O1difoL3X7UggMNMy7BR%2FmCTNnYLzEcS9au2dQYaAb2UmFqV7y7xId1KYA5oANzBTWu26%2Bf68h34vJOdw5uB30ekAzMGU6k98axpoW6JKaxojowOAKhiT1xE5N0Ky1aokuSyg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace171c8d68c15-EWR
expires: Thu, 25 Jan 2024 01:53:05 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame CBCF 230 B
530 B 26ms
25ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:53:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame CBCF 231 B
531 B 26ms
25ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:53:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 1878 167 B
579 B 32ms
32ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 6EE7 11 KB
5 KB 38ms
38ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68124
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace172dfa441cd-EWR
content-length: 4547

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 92E8 43 B
177 B 41ms
40ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:07 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 cc_329.js Show response
s10.histats.com/counters/ Frame 6547 18 KB
7 KB 41ms
40ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_329.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88766f9257d0fcab42980c1182bbcbdd7ba7ed435aab35b645d9c5a4279ffc7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 80837
etag: "1331309106"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace173586841cd-EWR
content-length: 7420

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 6547 6 KB
3 KB 206ms
206ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivesgp.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4585452.php?4585452&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s329&@ten-US&@u1600&@b1:-188783659&@b3:1706147587&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fw1.bungaprediction.com%2Flivesgp.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9f4535236c0f9adcd24c475579dbb84b70fe4aa3f06a5201aac7b2e5654eb8e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
x-t: 0.236
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NknfsUUYV6XuW3ZO%2FPVkrTxwvMNihupEvA%2Fog3hCfxyS31TB3yV5rj3ooQhLl%2Bb7k5OJK8jMVIh%2Fw8glAH69EUdDDhW7IB1BYFJG6PpYy4qmPBtCyyFUYeZcQs7mUfcAadYSZdg5MBsYA2E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace1735ac18c15-EWR
expires: Thu, 25 Jan 2024 01:53:06 GMT

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame 6EE7 436 B
571 B 229ms
115ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-135382937&@b3:1706147587&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: be0ad21d91014508532e64bb6ceb6a4a3e2d5700a74c7c791c8b8df9d194708d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:07 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame CBCF 0
459 B 41ms
41ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-4d%2F&r=https%3A%2F%2Fzona-bermain.com%2Flive-singapore%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-4d%2F&j=https%3A%2F%2Fzona-bermain.com%2Flive-singapore%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
x-t: 1.49
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qf00myQBm8%2FdzBEXOqB9PdmJMOmHlxURcdG40uQIXNZqUQLiHWJ7Qp1nQvjLVOpTEfh7NUG7iTciAq1rA4ZrcUBbYPjObn3nQwF%2FdOJqDFZ9%2FnxFN3Kl%2B%2FLQnfMuD72K1S4sFIfrRdLRWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web3.ny1.dtscdn.com
cf-ray: 84ace1739a0bc32b-EWR
expires: Thu, 25 Jan 2024 01:47:00 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame CBCF 33 KB
11 KB 40ms
39ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-4d%2F&j=https%3A%2F%2Fzona-bermain.com%2Flive-singapore%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70542
x-amz-cf-id: J1qi_rgzCb4tO35q1g3-GMA3jFQmjJsP25VswqhE_iaTZ4cAx7SxFg==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame CBCF 0
287 B 257ms
257ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=5iljgda8np&_pv=10&_ls=20&_cc=us&_pl=d&_b=chrome%40120&_cbid=6ntr&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-4d%2F&j=https%3A%2F%2Fzona-bermain.com%2Flive-singapore%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
x-t: 0.075
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6gwYnecSylzKUrWV2hPT8Hl1Zp7rZY8bDkNydLcbXhmszo5CsiCBOi969oTLcmUVtgpRfeEY4Z4w09yF5KLJ4Ozw1AR%2BThYsak4418HrwMrsGkc4UDL2o0CXY7pSAYBW9nV%2BboNL6K1uG4%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace1739b108c15-EWR
expires: Thu, 25 Jan 2024 01:53:06 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame B0D2 0
144 B 129ms
128ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=848&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:06 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E25AAB35DE954ED6BF181C36363B3318 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:53:07Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu3DfF/B4MdnPmO99Hw==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame CBCF 5 KB
2 KB 41ms
40ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 305
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: ipvZxinphasWuveu4hIfWlT5QMXczVo2cBGVyw4jDTKiQg6KxaYufw==

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A670
Redirect Chain

https://um.simpli.fi/lj_match?r=60155
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

23ms
22ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:53:07 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:53:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:53:07 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 6547 0
418 B 40ms
39ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fw1.bungaprediction.com%2Flivesgp.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivesgp.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
x-t: 0.83
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jK3VQ7ZY1zTq6ycYBwKzX0eTWeFYtrleVUT%2BlTs8SyHxBCf6kZqRFUjDg8G8%2FY0ykUQ0JOlnzZl5QHX4h00qdcQ%2FmmJXHnQQTJOHpOyYjkedHFyefOH3NdXwHrHotYsBDoWNvC9ztyd8Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 84ace1750b17c32b-EWR
expires: Wed, 24 Jan 2024 23:32:52 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 6547 33 KB
11 KB 40ms
40ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivesgp.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70542
x-amz-cf-id: jT0bJIjNfMY03WZtIiGMP6F_N--lcjmqjUNB4qiUZheghJRAhp9lvA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 6547 51 B
343 B 199ms
199ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=w1.bungaprediction.com&_ss=4khcszz48b&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=3ulc&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivesgp.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb2f05afe52d86b8eb74cabe30b58eacd40e24dd5eb9e982e2d961de6720f8cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
x-t: 0.146
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5SFnnDB5pQGpwabF%2B%2BUYZEmaHLugOmjAwE6kCCu%2FB3PpFKJsg9emQxwfGIal63L6v%2BgOeYFjwjFocfiI%2FH96W%2BHA1FousXHTAVt7ie3W7SF0B7Mn52pdk8gsm8%2FPwIQ7zpK6HuSFQ9Z%2BudQ%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace1750cac8c15-EWR
expires: Thu, 25 Jan 2024 01:53:06 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 6EE7 22 KB
12 KB 46ms
45ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 28797
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace1752acd41cd-EWR
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 6EE7 6 KB
3 KB 205ms
205ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-135382937&@b3:1706147587&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08108167102e7c801120e5f7e225e04ce1f844afcdd09617ba62ff57c36310e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
x-t: 0.213
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmDon4TKHCjGsyB%2FPAhuLpZw8tQsN2UwVlK7T%2FbMNSAzoPUbozR4c0%2F%2FwCFhYDKU43rSwz%2BAXbz%2FFVE%2FFnkqwWbtf0%2B3MxBrNszYMia7ThriL3wqvVc8dwoJ%2FDBKtMyRUS7QiCKzSijRCE4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace1752cdb8c15-EWR
expires: Thu, 25 Jan 2024 01:53:06 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame CBCF 167 B
580 B 34ms
33ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 34C0 0
0 60ms
59ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=13421
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:53:07 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: fcdFOhHaszeDmBUuCCCIMd4cr54OHCrwSET9c1Qkack1W0SMAmbTpA==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 6547 50 B
456 B 59ms
59ms Fetch
application/json 52.84.18.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.18.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-18-2.ord53.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
via: 1.1 c76b66e0e074f4c1e2f882b92f4ad552.cloudfront.net (CloudFront), 1.1 b355b23fdbed3c58c37ede4924bc4602.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P2, ORD53-C2
x-amzn-requestid: 0c30a557-ea1d-4129-8e62-c264e29ae0f2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SErInGSCCYcEhUw=
content-length: 50
x-amz-cf-id: 0YpXkFp0-zuRR6z1f9eb8ElZEbZysuJjG-wQ8UBBjxHJj7PSNt2eWQ==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 6EE7 0
431 B 42ms
41ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
x-t: 0.79
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=102i7aKgvEAauuv9nCUOVQzNFDKMWA1YVVaFMlNFOfIutyY8HlfInyanCGuxBNKRS2uxYGQu8JFUGGIsQXKJdue2viwMrzrGKqwN5OneGu3Z%2FAZ%2B6g2nf39daZA18tKnyKWAAy5mSPbpUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 84ace1766c2fc32b-EWR
expires: Thu, 25 Jan 2024 01:28:55 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 6EE7 33 KB
11 KB 38ms
37ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70542
x-amz-cf-id: hVzBU7fbC3FXGJslxoSn8DDsu37KywdKblPDm8fNV1ig8G9Gwwo5bg==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 6EE7 0
379 B 207ms
206ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=19y6lc0ayp&_pv=10&_ls=17&_cc=us&_pl=d&_b=chrome%40120&_cbid=x393&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
x-t: 0.084
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYQeRFDj4xaEpiKorTEJdZYDUXi1nJnOFwcYU0B6i1OTHs5RYAfgV0%2Bc8amvHc%2F%2BjysD%2BhC6hCalnlhmW09sNXTfOxMFj4Jw2OKCr5CSIRT6T5PH1RCA%2BkfYRuoWkH%2BvfUfZ2C94PqwnrIQ%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace1766ebf8c15-EWR
expires: Thu, 25 Jan 2024 01:53:06 GMT

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 889D 107 KB
13 KB 252ms
250ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Thu, 01 Feb 2024 01:53:07 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 889D 227 B
271 B 257ms
256ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Thu, 01 Feb 2024 01:53:07 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 889D 2 KB
374 B 258ms
257ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Thu, 01 Feb 2024 01:53:07 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 889D 28 KB
8 KB 260ms
259ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Thu, 01 Feb 2024 01:53:07 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 889D 3 KB
827 B 262ms
261ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Thu, 01 Feb 2024 01:53:07 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 889D 86 KB
29 KB 263ms
262ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Thu, 01 Feb 2024 01:53:07 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 889D 13 KB
5 KB 269ms
269ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Thu, 01 Feb 2024 01:53:07 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 889D 157 KB
26 KB 33ms
33ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:53:07 GMT
x-content-type-options: nosniff
content-encoding: br
age: 26461301
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 889D 30 KB
7 KB 44ms
44ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 4894947
cdn-cachedat: 10/31/2023 18:48:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9e61a4e37a75208649ae6b63a0cb4f72
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84ace176b8f0423a-EWR
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 889D 21 KB
8 KB 38ms
38ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:53:07 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11977793
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 889D 62 KB
16 KB 37ms
37ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 01:53:07 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7948475
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-etou8220064-FRA, cache-ewr18133-EWR
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 1878 43 B
177 B 42ms
41ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:07 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H3 200 0.png
zona-bermain.com/script/ Frame 889D 25 KB
25 KB 249ms
248ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Thu, 01 Feb 2024 01:53:07 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 889D 25 KB
25 KB 257ms
257ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:07 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Thu, 01 Feb 2024 01:53:07 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 889D 25 KB
25 KB 264ms
261ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Thu, 01 Feb 2024 01:53:08 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 889D 25 KB
25 KB 282ms
280ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Thu, 01 Feb 2024 01:53:08 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame 889D 24 KB
24 KB 274ms
269ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Thu, 01 Feb 2024 01:53:08 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 889D 25 KB
25 KB 292ms
287ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Thu, 01 Feb 2024 01:53:08 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 889D 24 KB
24 KB 293ms
289ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Thu, 01 Feb 2024 01:53:08 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 889D 25 KB
25 KB 315ms
311ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Thu, 01 Feb 2024 01:53:08 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 889D 25 KB
25 KB 316ms
313ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Thu, 01 Feb 2024 01:53:08 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 889D 43 B
182 B 124ms
32ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:08 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 889D 3 KB
1 KB 335ms
332ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Thu, 01 Feb 2024 01:53:08 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 889D 8 KB
2 KB 261ms
258ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Thu, 01 Feb 2024 01:53:08 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 889D 6 KB
2 KB 262ms
256ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Thu, 01 Feb 2024 01:53:08 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 889D 112 KB
34 KB 265ms
259ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Thu, 01 Feb 2024 01:53:08 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 889D 4 KB
2 KB 263ms
257ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Thu, 01 Feb 2024 01:53:08 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame B0D2
Redirect Chain

https://um.simpli.fi/lj_match?r=54022
https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC

43 B
2 KB

28ms
27ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 01:53:07 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 25 Jan 2024 01:53:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 24 Jan 2024 01:53:07 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 6EE7 5 KB
2 KB 60ms
59ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 305
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: i1ZfEpYJ5MHR-sjg3Mxq5y5xeuiRvQ5eclsnb_a8Ahu7S63ifaHqfw==

GET
H2

200

s.pixel
aa.agkn.com/adscores/ Frame A670
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=95717
https://aa.agkn.com/adscores/s.pixel?sid=9112307478&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=sovrn

43 B
655 B

32ms
30ms

Image
image/gif

13.225.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/s.pixel?sid=9112307478&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=sovrn
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: H2
Server: 13.225.214.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-117.ewr50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:07 GMT
via: 1.1 8fd19835f7197012a8cc880526cfcce2.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: BUlMmHdLAvWu4EsG09-lUlGMaGPnYG1MAN9UGgsHYtKaUmqs5ARawg==
expires: 0

Redirect headers

Location: https://aa.agkn.com/adscores/s.pixel?sid=9112307478&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=sovrn
Date: Thu, 25 Jan 2024 01:53:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame AFAF 85 B
465 B 39ms
38ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725963
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: oDKFsVdilyXGjjRDYXILzHIT7tVJ72CYyqqxTadBjzkgW2laLw5A8g==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 6547 5 KB
2 KB 53ms
53ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 305
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: lPFpU1KW61rVNSMOjh_OxXU3f-keAgCjscuMh1nNTkkJ3z32-oKSXg==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame AFAF 766 B
1 KB 38ms
37ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387477
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: YOK2kdgAV6BTMGKlqVDBqjdrLklIpaeLgK3Lmto3qYvf_qsXDXpbyQ==

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 6EE7 167 B
579 B 30ms
30ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 6547 167 B
586 B 26ms
25ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://w1.bungaprediction.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 889D 75 KB
76 KB 41ms
40ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
age: 23
cdn-cachedat: 10/31/2023 19:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: abb9454d3c41a2f5bde30211edf852c6
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84ace179398c43f8-EWR
cdn-requestpullsuccess: True

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 889D 11 KB
5 KB 45ms
39ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68125
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace1797c8241cd-EWR
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame D556 10 KB
2 KB 266ms
264ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 2408
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:53:08 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3

200

/
zona-bermain.com/rekap-angka-4d/ Frame DE48
Redirect Chain

https://zona-bermain.com/rekap-angka-4d
https://zona-bermain.com/rekap-angka-4d/

117 KB
0

470ms
469ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/rekap-angka-4d/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/rekap-kumat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:53:08 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/153>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=153>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 01:53:08 GMT
location: https://zona-bermain.com/rekap-angka-4d/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H2

200

s.pixel
aa.agkn.com/adscores/ Frame 92E8
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=28356
https://aa.agkn.com/adscores/s.pixel?sid=9112307428&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=cnsmbl

43 B
655 B

40ms
40ms

Image
image/gif

13.225.214.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/s.pixel?sid=9112307428&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=cnsmbl
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/
Protocol: H2
Server: 13.225.214.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-117.ewr50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:08 GMT
via: 1.1 8fd19835f7197012a8cc880526cfcce2.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: 9Lc3cpWIndlCcny1RvljNqRPdEMi9CqYmax7F8rPdhjtez7CP4Y3Pg==
expires: 0

Redirect headers

Location: https://aa.agkn.com/adscores/s.pixel?sid=9112307428&em=cbdcc14ccc7e4eab2efafef4f54d3155&lsid=cnsmbl
Date: Thu, 25 Jan 2024 01:53:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 889D 438 B
573 B 191ms
55ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mREKAP%20KUMAT%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-4d%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:110743499&@b3:1706147588&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Frekap-kumat%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: c7267268f9c7c289603044c43606fcc70de7e25ab5408c956c54e745173b4703

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:08 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 0510 0
0 90ms
90ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=2890
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:53:08 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: OhG043rjxh2h52wPVv2f6l-M9o9ylihCRh7KLkGgvQrJ96o_nPrnjA==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame CBCF 43 B
177 B 41ms
40ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:08 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H3

200

sync
pippio.com/api/ Frame B0D2
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=83013
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=2466746828872905745
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=9031f432-95f1-4371-8f6c-243625f67bcf
https://p.rfihub.com/cm?pub=39342&in=1&userid=fcdd9bc6-bbf6-431b-a2ea-f28d09d087ec%3A1706147588.6485445&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dfcdd9bc6-bbf6-431b...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=997336248764543702&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dfcdd9bc...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=fcdd9bc6-bbf6-431b-a2ea-f28d09d087ec%3A1706147588.6485445&pid=500040&it=1&iv=fcdd9bc6-bbf6-431b-a2ea-f28d09d087ec%3A1706147588.6485445&_=170...
https://pippio.com/api/sync?it=1&pid=500040&_=1706147588.650582&iv=fcdd9bc6-bbf6-431b-a2ea-f28d09d087ec:1706147588.6485445

42 B
59 B

84ms
83ms

Image
image/gif

107.178.254.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&_=1706147588.650582&iv=fcdd9bc6-bbf6-431b-a2ea-f28d09d087ec:1706147588.6485445
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: H3
Server: 107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&_=1706147588.650582&iv=fcdd9bc6-bbf6-431b-a2ea-f28d09d087ec:1706147588.6485445
Date: Thu, 25 Jan 2024 01:53:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame AB57 85 B
465 B 48ms
47ms Document
text/html 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 725964
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 16 Jan 2024 16:13:45 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-id: xmdcwXPCSz_TBZhf_hSk0MIDgi1r7U-KMZWOB-9Y4ujoIYUNe6mTjg==
x-amz-cf-pop: ORD56-P8
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 9075 0
72 B 95ms
94ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zona-bermain.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 01:53:08 GMT
content-length: 0
vary: Origin

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame AB57 766 B
1 KB 38ms
37ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Sat, 20 Jan 2024 14:15:11 GMT
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P8
age: 387478
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: _QAKxaa5Vy1fBIke90ioHwxLDDcwDNJLT8b3dKsIFhPIss1Fx2Ayrw==

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame D556 15 KB
3 KB 258ms
258ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Thu, 01 Feb 2024 01:53:08 GMT

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 889D 18 KB
5 KB 249ms
248ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Thu, 01 Feb 2024 01:53:08 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 889D 13 KB
4 KB 41ms
40ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 52255
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace17b8f2841cd-EWR
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 889D 6 KB
3 KB 210ms
209ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Frekap-kumat%2F&j=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-4d%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mREKAP%20KUMAT%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-4d%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:110743499&@b3:1706147588&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Frekap-kumat%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b174ce765343a7ee6c0ad2d151c5fa838ba7327713146aed8ae41897049476b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
x-t: 0.199
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RA4LprzgvulrtZcRh%2Fdz2p8xZUhg%2BKuuhCVJluNVCjITzew95UvmbSC%2BfPs7uQJdW6JKaD1htkdcADpkCUvAf6PkRgB%2FO3uY3hbxxeLz1F3nO8LU520OAln8gIZizf1S9g7mVAitKoKbfqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 84ace17b8c948c15-EWR
expires: Thu, 25 Jan 2024 01:53:07 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 6EE7 43 B
177 B 47ms
47ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:08 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 style6.css
wblog.xyz/ Frame 4AE8 7 KB
2 KB 456ms
454ms Stylesheet
text/css 45.76.151.5

General

Check archive.org

Show headers Download Go to

Full URL

https://wblog.xyz/style6.css

Requested by

Host: wblog.xyz
URL: https://wblog.xyz/live-draw-sgp.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.76.151.5 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wblog.xyz/live-draw-sgp.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 31 Mar 2023 08:22:45 GMT
server: nginx
etag: W/"64269855-1ca0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Thu, 25 Jan 2024 13:53:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4AE8 2 KB
663 B 91ms
90ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald&display=swap

Requested by

Host: wblog.xyz
URL: https://wblog.xyz/live-draw-sgp.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b94669d62b1a08f3e99eeca2a395ddc4b78bb99ea5c4c1c43b7a423c67dc2a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wblog.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jan 2024 01:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 01:25:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jan 2024 01:53:08 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame 4AE8 86 KB
31 KB 187ms
46ms Script
text/javascript 2607:f8b0:4004:c07::5f

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: wblog.xyz
URL: https://wblog.xyz/live-draw-sgp.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wblog.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 23:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jan 2025 23:49:54 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 6547 43 B
177 B 40ms
40ms Script
image/gif 3.95.90.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.90.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-90-76.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 01:53:08 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 92E8 0
142 B 140ms
139ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IDEQiSZHoL1tX3WzRa2vaD_p&rand=73434&pu=https://zona-bermain.com/generator-line-angka/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-singapore/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B7954370C6C74608B3E77355F8143A38 Ref B: PHL30EDGE0417 Ref C: 2024-01-25T01:53:08Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPu3D16iHNJiVNnpoPrw==

GET
H2 204 sync
thrtle.com/ Frame A670 0
472 B 33ms
32ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IDEQiSZHoL1tX3WzRa2vaD_p
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 889D 0
442 B 47ms
46ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A0170614755864712164A73D22398F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Frekap-kumat%2F&r=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-4d%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Frekap-kumat%2F&j=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-4d%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
x-t: 1
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLVKNd5cp5MYMtEoLc8PdZEEkVKhPCUVpSzguWlD8pB%2BiyIQzaDg2ByGpq5sanfCUpWObETlJOs2f%2FQwsbQK6%2FLL%2FcMsDnl%2B0N6Iwi7xWGICJH0ErDLamQ0NJ%2BsAghSxcWes5bbI%2F9W1AA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 84ace17d7975c32b-EWR
expires: Thu, 25 Jan 2024 01:28:56 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 889D 33 KB
11 KB 95ms
93ms Script
text/javascript 3.162.163.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Frekap-kumat%2F&j=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-4d%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.163.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-163-118.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 06:17:26 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 70543
x-amz-cf-id: GE2s14hqCa4ooQp41wPbMr4_LRhgzWkqiDV1HO1_ACgvEZECZmpUXg==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 889D 0
289 B 205ms
205ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=5iljgda8np&_pv=11&_ls=21&_cc=us&_pl=d&_b=chrome%40120&_cbid=4zpu&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Frekap-kumat%2F&j=https%3A%2F%2Fzona-bermain.com%2Fbuku-mimpi-4d%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
x-t: 0.085
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z82bqPBpaD8cqY7w7jhJ8zQ2u%2BPDXXEXAHTFkE1P6Mf2ofx1SiMVA%2BE7s%2FdNwJdVU9zQrrZglD4uFcl0fS6w72EYszGXIzvArHPJjD%2F81q%2FfuVlY9hrUw3dPY81yO7lhtMOt7Xxe4BzVK%2Fs%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84ace17d7ecd8c15-EWR
expires: Thu, 25 Jan 2024 01:53:07 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame D556 11 KB
4 KB 39ms
38ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 01:53:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 68125
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84ace17d793641cd-EWR
content-length: 4547

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 889D 230 B
530 B 26ms
25ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:53:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 889D 231 B
531 B 27ms
26ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT jfk 2
date: Thu, 25 Jan 2024 01:53:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET

sync
x.bidswitch.net/ul_cb/ Frame 1878
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IDEQiSZHoL1tX3WzRa2vaD_p&rnd=55850
https://x.bidswitch.net/sync?ssp=liveintent&user_id=9031f432-95f1-4371-8f6c-243625f67bcf
https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=9031f432-95f1-4371-8f6c-243625f67bcf

0
0

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 4E75 0
0 64ms
63ms Document
text/plain 18.160.213.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=72424
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.160.213.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-213-74.ord58.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Thu, 25 Jan 2024 01:53:08 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 390338d0f936d5f922e509635ad42b7a.cloudfront.net (CloudFront)
x-amz-cf-id: OZ-JX83YDYWuxi2ADvJG01UYpbVRNGdOQK_GjsbCBfnaFzrrkYZ2aQ==
x-amz-cf-pop: ORD58-P3
x-cache: Miss from cloudfront

GET
H/1.1 200
OK 4763539.php
s4.histats.com/stats/ Frame D556 436 B
0 180ms
90ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:113014979&@b3:1706147589&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:09 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 889D 5 KB
2 KB 40ms
40ms Script
text/javascript 3.162.174.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.174.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-174-37.ord56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 19d924aad94fb7559b35412e1281c53e.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 01:48:03 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: ORD56-P9
age: 306
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: ixIZZmJgtR1lmgGYNVU9XEjM10-MJHuHB8NvV0Ql91p1RLKxMojcDA==

GET
H/1.1 200
OK v2
ap.lijit.com/readerinfo/ Frame 889D 0
0 48ms
47ms Fetch
application/json 63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 01:53:09 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 176

GET style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame DE48 0
0

GET cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame DE48 0
0

GET sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame DE48 0
0

GET style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame DE48 0
0

GET responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame DE48 0
0

GET jquery.min.js
zona-bermain.com/wp-includes/js/jquery/ Frame DE48 0
0

GET jquery-migrate.min.js
zona-bermain.com/wp-includes/js/jquery/ Frame DE48 0
0

GET bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame DE48 0
0

GET font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame DE48 0
0

GET popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame DE48 0
0

GET bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame DE48 0
0

GET jquery-1.9.1.js
code.jquery.com/ Frame DE48 0
0

GET jquery-ui.js
code.jquery.com/ui/1.9.2/ Frame DE48 0
0

GET jquery-ui.css
code.jquery.com/ui/1.9.2/themes/base/ Frame DE48 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: p.adsymptotic.com
URL: https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=06725200

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=cf48f38f57b5afc8f1fef27f7cc9f596

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/audience_sync/7?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16299%26tp%3DSPXC%26tpid%3D%24SPOTX_AUDIENCE_ID%26gdpr%3D0

Domain: geo-um.btrll.com
URL: https://geo-um.btrll.com/v1/map_pixel/partner/66.png

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=9031f432-95f1-4371-8f6c-243625f67bcf

Domain: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Domain: zona-bermain.com
URL: https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Domain: zona-bermain.com
URL: https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Domain: zona-bermain.com
URL: https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Domain: zona-bermain.com
URL: https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Domain: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Domain: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Domain: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Domain: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.js

Domain: code.jquery.com
URL: https://code.jquery.com/ui/1.9.2/jquery-ui.js

Domain: code.jquery.com
URL: https://code.jquery.com/ui/1.9.2/themes/base/jquery-ui.css

Verdicts & Comments Add Verdict or Comment

235 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

155 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i6.liadm.com/s	1970-01-20 18:38:59	Name: _li_ss Value: CgA
i.liadm.com/s	1970-01-20 18:38:59	Name: _li_ss Value: CgsKCQj_____BxCRFxJnDfMSgusSYAoGCMoBEIcXCgYIkwEQhRcKBgjJARCHFwoGCJQBEIUXCgYI5gEQhxcKBgjGARCHFwoGCMcBEIcXCgYIqwEQhRcKBgjIARCHFwoGCOgBEIcXCgYI5QEQhxcKBgjFARCHFxJHDRF5Sm8SQAoGCMoBEIcXCgYIkwEQhRcKBgjJARCHFwoGCMUBEIcXCgYIxgEQhxcKBgjHARCHFwoGCKsBEIUXCgYIyAEQhxcSRw3rbRpWEkAKBgjKARCHFwoGCJMBEIUXCgYIyQEQhxcKBgjFARCHFwoGCMYBEIcXCgYIxwEQhxcKBgirARCFFwoGCMgBEIcX
sky.pasukanantidepo.shop/	1970-01-21 02:41:23	Name: HstCfa4660281 Value: 1706147557763
sky.pasukanantidepo.shop/	1970-01-21 02:41:23	Name: HstCla4660281 Value: 1706147557763
sky.pasukanantidepo.shop/	1970-01-21 02:41:23	Name: HstCmu4660281 Value: 1706147557763
sky.pasukanantidepo.shop/	1970-01-21 02:41:23	Name: HstPn4660281 Value: 1
sky.pasukanantidepo.shop/	1970-01-21 02:41:23	Name: HstPt4660281 Value: 1
sky.pasukanantidepo.shop/	1970-01-21 02:41:23	Name: HstCnv4660281 Value: 1
sky.pasukanantidepo.shop/	1970-01-21 02:41:23	Name: HstCns4660281 Value: 1
.dtscout.com/	1970-01-20 20:19:47	Name: df Value: 1706147558
.dtscout.com/	1970-01-20 20:02:30	Name: l Value: 51A0170614755864712164A73D22398F
.pasukanantidepo.shop/	1970-01-20 20:01:04	Name: __dtsu Value: 51A0170614755864712164A73D22398F
.sharethis.com/	1970-01-21 02:42:49	Name: __stid Value: ZHgABGWxvucAAAAJA0UvAw==
.sharethis.com/	1970-01-21 02:42:49	Name: __stidv Value: 2
.dtscdn.com/	1970-01-20 22:13:33	Name: uid Value: 51A0170614755864712164A73D22398F
.onaudience.com/	1970-01-21 02:41:23	Name: cookie Value: 9a20bd7ec2f0dedd
.onaudience.com/	1970-01-20 17:57:13	Name: done_redirects109 Value: 1
.tynt.com/	1970-01-21 02:41:23	Name: uid Value: 4Qap4mWxvujCgISUReIo4A==
.tynt.com/	1970-01-20 20:05:23	Name: pids Value: %5B%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1706147560450%7D%2C%7B%22p%22%3A%22b1b5df9b98%22%2C%22f%22%3A1%2C%22ts%22%3A1706147560450%7D%2C%7B%22p%22%3A%22e9b03986ff%22%2C%22f%22%3A2%2C%22ts%22%3A1706147560450%7D%5D
.onaudience.com/	1970-01-20 17:57:13	Name: done_redirects147 Value: 1
.adsrvr.org/	1970-01-21 02:42:49	Name: TDID Value: ad295b94-2022-4a08-8e14-97c9109b6633
.simpli.fi/	1970-01-21 02:42:49	Name: suid Value: F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
.eyeota.net/	1970-01-21 02:42:49	Name: mako_uid Value: 18d3e51bd6f-e090000010a4845
.eyeota.net/	1970-01-20 17:55:48	Name: SERVERID Value: 18501~DM
.33across.com/	1970-01-21 02:41:23	Name: 33x_b Value: 1
.onaudience.com/	1970-01-20 17:57:13	Name: done_redirects236 Value: 1
.ml314.com/	1970-01-21 02:42:49	Name: pi Value: 3641590338835972151
.bluekai.com/	1970-01-20 22:17:52	Name: bku Value: +rQ99miILVPFNHLr
.onaudience.com/	1970-01-20 17:57:13	Name: done_redirects219 Value: 1
.lijit.com/	1970-01-21 02:41:23	Name: ljt_reader Value: IDEQiSZHoL1tX3WzRa2vaD_p
.crwdcntrl.net/	1970-01-21 00:24:33	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 00:24:33	Name: _cc_id Value: cf48f38f57b5afc8f1fef27f7cc9f596
.pippio.com/	1970-01-21 02:41:23	Name: did Value: -JXNR2FoBAKio5nl
.pippio.com/	1970-01-21 02:41:23	Name: didts Value: 1706147561
.pippio.com/	1970-01-20 19:22:11	Name: nnls Value:
.zeotap.com/	1970-01-21 02:41:23	Name: zc Value: 70ef5265-9d4b-4115-4e37-0f205f19a105
.zeotap.com/	1970-01-20 17:57:13	Name: zsc Value: wI%2A%AF%8E%7D%60%FD-%D4%9C1%0D%21N2%C3%3FO+%94%85%DB%9Di%A0O%D0%B1%F5m%1E%87%AFw%3DH%12%E2%A0%1Fj%AA%13j%AA%1B%DFY%E6%81%AC%D3%C6l%C7%DEB%9BU%EB%CC%00%10%F3%84%EA%C51n%B7%ACaD%980h%98%97%CAm%09%3C
.doubleclick.net/	1970-01-21 03:31:47	Name: IDE Value: AHWqTUmd43bXQIYw3-tn7r_Lw0C7JiRUY09RZiL8Sd6LU12-kpeXCYUSDzIvqrY3jnI
.linkedin.com/	1970-01-20 20:05:23	Name: li_sugr Value: ab812ea1-ab34-46d4-9b67-09ee79a11587
.linkedin.com/	1970-01-21 02:41:23	Name: bcookie Value: "v=2&58fc0ced-9f60-4f30-8e46-d8ff4fb3195c"
.linkedin.com/	1970-01-20 17:57:13	Name: lidc Value: "b=OGST00:s=O:r=O:a=O:p=O:g=3199:u=1:x=1:i=1706147561:t=1706233961:v=2:sig=AQGfWyC08gosCnYuE7TJzkAicFArV3aX"
.intentiq.com/	1970-01-21 03:31:47	Name: IQver Value: 1.9
.liadm.com/	1970-01-21 03:31:47	Name: lidid Value: 9031f432-95f1-4371-8f6c-243625f67bcf
.e.dlx.addthis.com/	1970-01-21 03:26:01	Name: na_tc Value: Y
.addthis.com/	1970-01-21 03:26:01	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-20 18:38:59	Name: na_sr Value: 20240125
.addthis.com/	1970-01-21 03:26:01	Name: na_id Value: 2024012501524400061385747456
.addthis.com/	1970-01-21 03:26:01	Name: uid Value: 65b1beec55d661ed
.addthis.com/	1970-01-21 03:26:01	Name: ouid Value: 65b1beec00019f2b5e002ca61534c7952fcfed4ae2805293f292
.dlx.addthis.com/	1970-01-20 18:38:59	Name: na_sc_x Value: 1
.alcmpn.com/	1970-01-21 02:41:23	Name: _3ci Value: 6f403641-bb24-11ee-9ccf-75421e9510d9
.lijit.com/	1970-01-21 02:41:23	Name: _ljtrtb_2 Value: F8BDF8AE04A24B9B9B0EF1CA7C0B87BC
.dlx.addthis.com/	1970-01-20 17:55:47	Name: na_srp Value: 7601
.dtscout.com/	1970-01-20 17:55:52	Name: m Value: 5
.dtscout.com/	1970-01-20 17:56:01	Name: oa Value: 5
.turn.com/	1970-01-20 22:14:59	Name: uid Value: 2466746828872905745
.lijit.com/	1970-01-21 02:41:23	Name: _ljtrtb_5001 Value: cf48f38f57b5afc8f1fef27f7cc9f596
.adnxs.com/	1970-01-20 20:05:23	Name: XANDR_PANID Value: XsDq5W1odlKMdf2_3INbTQxuQO1Vaa029wwEGafSh4q6Ln6oflaoCUA1aG4y0ddR3xvkClszK6FVtxudHsA2ima1z79QfS3X8laGgrv2CN4.
.adnxs.com/	1970-01-21 03:31:47	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:05:23	Name: uuid2 Value: 6295036647698144493
.everesttech.net/	1970-01-21 02:41:23	Name: everest_g_v2 Value: g_surferid~ZbG_8AARAHb41ABH
.yahoo.com/	1970-01-21 02:41:45	Name: A3 Value: d=AQABBPC-sWUCEGLp24FL_3pZeKI6wG_CPi4FEgEBAQEQs2W7ZdxH0iMA_eMAAA&S=AQAAAu_4RdlLfasitb7WyTLIIv8
.bidr.io/	1970-01-21 03:24:17	Name: bito Value: AACipU7LY34AABLeucDDpQ
.bidr.io/	1970-01-21 03:24:17	Name: bitoIsSecure Value: ok
.exelator.com/	1970-01-20 20:48:35	Name: EE Value: "bf59567db7ef986f726c91f902181978"
.exelator.com/	1970-01-20 20:48:35	Name: ud Value: "eJxrXxzq6XKLQSEpzdTS1Mw8Jck8Nc3SwizN3Mgs2dIwzdLAyNDC0NLcYnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6otDgxUUpaQyLSopPBR%252BbrwkAic8p2Q%253D%253D"
.dlx.addthis.com/	1970-01-20 18:38:59	Name: na_rn Value: 3
.dlx.addthis.com/	1970-01-20 18:38:59	Name: na_sc_e Value: 3
.lijit.com/	1970-01-21 02:41:23	Name: ljtrtb Value: eJwNyrERgCAMBdBdUlsEJCbYEYQ9NOdfwnN3vde%2BhzLtNM2PaW1wabl4%2FfGYqTft7KbeaSFhTv8MFMNqEL3kRBgSbmSFRlRI3ej9AC3gFOQ%3D
.intentiq.com/	1970-01-21 03:31:47	Name: intentIQ Value: 9amzqQ78cl
.intentiq.com/	1970-01-21 03:31:47	Name: intentIQCDate Value: 1706147570625
.intentiq.com/	1970-01-21 03:31:47	Name: IQPData Value: 3460456530#1706147570619#0#1706147570619
.intentiq.com/	1970-01-20 18:38:59	Name: IQMID Value: 3460456530#1706147570625
.intentiq.com/	1970-01-21 03:31:47	Name: IQadv Value: 1706147570625
sync.srv.stackadapt.com/	1970-01-21 02:41:23	Name: sa-user-id Value: s%3A0-24e51cb4-810c-5131-43e4-999a25f3bde6.zDx%2BRdNEkMhZ3PzpLpbsKOHswXHLN1C0ahVK0p7mbT4
.srv.stackadapt.com/	1970-01-21 02:41:23	Name: sa-user-id Value: s%3A0-24e51cb4-810c-5131-43e4-999a25f3bde6.zDx%2BRdNEkMhZ3PzpLpbsKOHswXHLN1C0ahVK0p7mbT4
sync.srv.stackadapt.com/	1970-01-21 02:41:23	Name: sa-user-id-v2 Value: s%3AJOUctIEMUTFD5JmaJfO95s5CYFI.5%2FnG21MrIQru2vTY%2FpuOxYGIPy6mqXtmC2T506dfdIA
.srv.stackadapt.com/	1970-01-21 02:41:23	Name: sa-user-id-v2 Value: s%3AJOUctIEMUTFD5JmaJfO95s5CYFI.5%2FnG21MrIQru2vTY%2FpuOxYGIPy6mqXtmC2T506dfdIA
sync.srv.stackadapt.com/	1970-01-21 02:41:23	Name: sa-user-id-v3 Value: s%3AAQAKICcgTaloNAjwcclnN-w0iTfcMSrige6ilj-LtfJlE6AMEAEYAyDz_catBjABOgQ7vvenQgRCYccD.etVmVq97ec1x3aRuieF1Oa%2F34jqZiH9h704JSKOQpMA
.srv.stackadapt.com/	1970-01-21 02:41:23	Name: sa-user-id-v3 Value: s%3AAQAKICcgTaloNAjwcclnN-w0iTfcMSrige6ilj-LtfJlE6AMEAEYAyDz_catBjABOgQ7vvenQgRCYccD.etVmVq97ec1x3aRuieF1Oa%2F34jqZiH9h704JSKOQpMA
.lijit.com/	1970-01-21 02:41:23	Name: 3pids Value: 8105:cbdcc14ccc7e4eab2efafef4f54d3155,,6dc44ae3b56336cb4d3f5f03d091d7508d9c3c68,,7856397e163cef2017d0ae8b2607da2d0f779c9d4cd19f5ec5899687abd47ae7,,\|8100:d0ebd870e62417c041b1cfaabc5fab5b,,58964d2aebc4d92593ca3b3153c99cd867f2acf2,,4b6231a1814506b6861b2cf443546c4fc23c42546009ff00b6b978ac13c945b7,,
.linksynergy.com/	1970-01-21 02:41:23	Name: icts Value: 2024-01-25T01:52:52Z
.linksynergy.com/	1970-01-21 02:41:23	Name: rmuid Value: d7482f65-1f29-4248-9d7a-29d69fa10a35
.openx.net/	1970-01-21 02:41:23	Name: i Value: 0bd87efb-364b-462b-9a63-dbafe97a1686\|1706147573
.amazon-adsystem.com/	1970-01-20 23:55:47	Name: ad-id Value: A1Llr8gb4UfwlcuE9jGIirg
.amazon-adsystem.com/	1970-01-21 03:31:47	Name: ad-privacy Value: 0
.demdex.net/	1970-01-20 22:14:59	Name: demdex Value: 35827208354728692942570658140409409333
.dpm.demdex.net/	1970-01-20 22:14:59	Name: dpm Value: 35827208354728692942570658140409409333
.reson8.com/	1970-01-21 02:42:49	Name: RCID2 Value: A196988373E0DF79D80FEEE23DFA7704
.dtscout.com/	1970-01-20 17:55:51	Name: st Value: 13
.krxd.net/	1970-01-20 22:14:59	Name: _kuid_ Value: QDlHiiCe
.bluekai.com/	1970-01-20 22:14:59	Name: bkdc Value: phx
.sitescout.com/	1970-01-21 02:41:23	Name: ssi Value: e964c162-cc10-4623-9b2f-b3b2ace9505c#1706147579117
.criteo.com/	1970-01-21 03:17:23	Name: uid Value: e03014b8-973e-4a3c-bb29-ee4c9614d26b
.t.sharethis.com/	1970-01-20 18:15:57	Name: pxcelPage_default_c010_C Value: 15_0_1706147560498
.t.sharethis.com/	1969-12-31 23:59:59	Name: pxcelBcnLcy Value: 114
.tribalfusion.com/	1970-01-20 20:05:23	Name: ANON_ID Value: a7nsmAwyEoipuMNpaXU7c3ZbPaqPc7WZduxVE0phV3QA1F3cQCZbsa9XrdZcOsZadEr2SoT6SH8aGYwGH
.crwdcntrl.net/	1970-01-21 00:24:35	Name: _cc_cc Value: "ACZ4XmNQSE4zsUgztkgzNU8yTUxLtkgzTEtNMzJPM09OtkwztTRjAILUjfv%2Bvvn%2F%2Fz8%2FiAMGvNcPtxox79Fi%2BM%2FI%2BFEWRG6vB5EM9z5YYhNuX%2FeUG5v4uaOHmLGJ%2F9w4hQWb%2BKVTj9iwie%2Fed1kAm%2FiHhvsCTMjOZDi8eA5Wk98twS7%2BZuYBJmwmN%2FzXxCZ8r0sLmzAA5AR65g%3D%3D"
.crwdcntrl.net/	1970-01-21 00:24:35	Name: _cc_aud Value: "ABR4XmNgYGBI3bjvL5CCAHYGBq4ZYOaiVhDJqDUbQs0CUXzuDmDew3oQxa%2BzH0gCAEQmCR0%3D"
.w55c.net/	1970-01-21 03:27:28	Name: wfivefivec Value: TN3E0Vtl1RsOVn5
.w55c.net/	1970-01-20 18:38:59	Name: matchthrotle Value: 5
.sitescout.com/	1970-01-20 18:38:59	Name: _ssuma Value: eyI1OCI6MTcwNjE0NzU3OTI1NCwiNyI6MTcwNjE0NzU4MjAzNX0
.mgid.com/	1970-01-21 02:41:23	Name: muidn Value: o0o2FguqCaRh
.mgid.com/	1970-01-20 17:55:49	Name: __cf_bm Value: a9bQ8AGsOmSLw.Icz3rBjlT2f3jkHErUW6s9GPsOlek-1706147582-1-ASyvFH31zuz+r7LP6Bb1InY1qAErKOi/2lUM2RBu8N/Kdpd4ZvEI9Qq0KuP8dkt+824YuimKrqCcqHCJ4OwBw6U=
.agkn.com/	1970-01-21 02:41:23	Name: ab Value: 0001%3AMgkqfW9WfLXvKqWu5%2F40EpvKs3VfJcHS
.adform.net/	1970-01-20 18:40:25	Name: C Value: 1
.truoptik.com/	1970-01-21 02:41:23	Name: to_master_s Value: 66e91b8070adee7da00d6c47436dcdba
.truoptik.com/	1970-01-21 02:41:23	Name: to_version_s Value: b2
.tapad.com/	1970-01-20 19:22:11	Name: TapAd_TS Value: 1706147582360
.tapad.com/	1970-01-20 19:22:11	Name: TapAd_DID Value: b5cbacce-642a-4359-9f77-3f20d5a1fa2a
.pubmatic.com/	1970-01-20 17:57:13	Name: KTPCACOOKIE Value: YES
.mediawallahscript.com/	1970-01-21 03:31:47	Name: mCookie Value: 7959d050-bb24-11ee-9f21-a97edee91416
.mediawallahscript.com/	1970-01-21 03:31:47	Name: mUserCookie Value: %7B%7D
cm.mgid.com/	1970-01-20 18:38:59	Name: mg_sync Value: {}
.shareaholic.com/	1970-01-21 03:31:47	Name: c_id Value: 1876e5ae-0905-46ed-82eb-d67066955afa
.crsspxl.com/	1970-01-20 19:22:11	Name: uid Value: 6194131584044721876
.crsspxl.com/	1970-01-20 19:22:11	Name: uuid Value: 31e46d78-7304-4b4e-a92b-c37e10dda8d0
.pro-market.net/	1970-01-20 18:38:59	Name: anHistory Value: "1tfii0baz4gge+2+!#72-!<#&VK"
.adform.net/	1970-01-20 19:22:11	Name: uid Value: 6454740188857927412
.c.cintnetworks.com/	1970-01-20 17:55:51	Name: TiPMix Value: 33.84194481710765
.c.cintnetworks.com/	1970-01-20 17:55:51	Name: x-ms-routing-name Value: self
.ipredictive.com/	1970-01-21 02:41:23	Name: cu Value: 7bca4447-e173-4f17-bfe3-cf8b1ed4ded5\|1706147582567
.pubmatic.com/	1970-01-21 02:41:23	Name: KADUSERCOOKIE Value: 10237D68-79EE-4DDB-9844-23D48C3515B3
.smartadserver.com/	1970-01-21 02:42:49	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 02:42:49	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.tapad.com/	1970-01-20 19:22:11	Name: TapAd_3WAY_SYNCS Value: 1!601
.smartadserver.com/	1970-01-21 02:42:49	Name: pid Value: 5387935812230943205
.clickagy.com/	1970-01-21 03:31:47	Name: cb Value: ZbG-_rvK28MRGFFZTtBNX1oV
.pro-market.net/	1970-01-20 22:14:59	Name: anProfile Value: "1tfii0baz4gge+1+4=2n3+1f=1+1g=1+1j=57:1+rs=s+rt=260008030A8810820000000000000082+s0=(o)+s2=(s7snwe)+vm=19-cf48f38f57b5afc8f1fef27f7cc9f596:53-CAESEIlcK9XCCu_foCWWitT1fIg"
.onaudience.com/	1970-01-20 17:57:13	Name: done_redirects104 Value: 1
.rubiconproject.com/	1970-01-21 02:41:23	Name: khaos Value: LRSK7W9R-T-KET0
.rubiconproject.com/	1970-01-21 02:41:23	Name: audit Value: 1\|9rDyEkVXounmq6VKsYf0r8g50o75WKLLK2DhruKENMkOiiaDVsR94lMWcd2c+2gLZZTno3xX04HyUhTWCqUS/D1eMj+H8dOHlp9qfhknqSdLaDJDV/M22uZ4nMwf2MD7dFs+VV7DOT3vUUmRXrBhN2Dw8Z8vTu4Tk50LKQzdh9Q=
.id5-sync.com/	1970-01-20 20:05:23	Name: id5 Value: 03b647d8-1dbe-7399-8c8c-47fd2a3630fe#1706147582603#2
.onaudience.com/	1970-01-20 17:57:13	Name: done_redirects252 Value: 1
.adsrvr.org/	1970-01-21 02:42:49	Name: TDCPM Value: CAESFgoHYmx1ZWthaRILCOSCkt7L1M48EAUSFwoIbGl2ZXJhbXASCwi03e-HzNTOPBAFEhQKBXRhcGFkEgsI6KbN38zUzjwQBRgBIAEoAjILCPaC9o_j1M48EAU4AVoHOGg5dTExaGAC
.rqtrk.eu/	1970-01-21 02:41:23	Name: browser_id Value: e588d447-fe46-4097-b02b-cd210b2d0321
.mediawallahscript.com/	1970-01-20 17:57:13	Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_01_2024 Value: %7B%221pVtae%22%3A1%7D
aorta.clickagy.com/	1970-01-21 03:31:47	Name: chs Value: [{"ch":"120","t":"2024-01-25 01:53:02"},{"ch":"124","t":"2024-01-25 01:53:02"},{"ch":"4","t":"2024-01-25 01:53:03"}]
.aidata.io/	1970-01-21 03:31:47	Name: __upin Value: cpv4u6hDJeSYLk+1+mMwZQ
.aidata.io/	1970-01-21 03:31:47	Name: __upints Value: 1706147583
.onaudience.com/	1970-01-20 17:57:13	Name: done_redirects282 Value: 1
.imrworldwide.com/	1970-01-21 03:17:23	Name: IMRID Value: 79f8f680-bb24-11ee-ba65-a5f5b31dba36
.analytics.yahoo.com/	1970-01-21 02:41:23	Name: IDSYNC Value: "19cl~2gdd:19ab~2gdd:19cg~2gdd:19bk~2gdd:199z~2gdd:19bn~2gdd"
.adentifi.com/	1970-01-21 03:31:47	Name: adtheorent[cuid] Value: cuid_7a846da0-bb24-11ee-a7a2-125e5676ad8d
.w55c.net/	1970-01-20 18:38:59	Name: matchliveramp Value: 5
.id5-sync.com/	1970-01-20 20:05:23	Name: 3pi Value: 224#1706147583573#-582962426#2466746828872905745\|321#1706147584448#1571211356\|2#1706147583311#1101079412#6295036647698144493\|19#1706147582834#-2027675068#cf48f38f57b5afc8f1fef27f7cc9f596\|264#1706147583124#-101663083#ad295b94-2022-4a08-8e14-97c9109b6633\|136#1706147583854#-956047959\|121#1706147584062#-315854536\|398#1706147584448#1531302289
.scorecardresearch.com/	1970-01-21 03:31:47	Name: UID Value: 1526318655f0cca498023981706147584
.thrtle.com/	1970-01-20 22:43:47	Name: sc Value: eyJpIjoiMDNmMzYzMGItOTBhNS00YWZjLTk2MmYtMGUyMDA2YWIzOGRmIiwic2lkIjoic2lkLTdiMWQ2ZDZmLWJiMjQtMTFlZS1iYjk3LTAyNDIwYWZmMDA2ZSIsIm1zIjoxLCJwcyI6MTUsInNwIjo1MDMyLCJwcCI6MTUsInRzZSI6MTUsImx0c2UiOjE3MDYxNDc1ODUyOTB9
.pippio.com/	1970-01-20 19:22:11	Name: pxrc Value: CPT9xq0GEgQIAhAAEgUIlCkQCRIFCOUrEAsSBQjmKxAMEgUI5ysQDRIFCOgrEAkSBQjpKxAKEgUI6isQChIFCOsrEAISBQjsKxAMEgYI7OsBEAASDwjfrCsQ/f//////////ARIPCIK9KxD1//////////8B
.rlcdn.com/	1970-01-20 19:22:11	Name: pxrc Value: CPP9xq0GEgUI6EcQABIFCO5HEAkSDgjbThD1//////////8BEgYIsOoBEAwSBgi26gEQAxIGCLfqARANEgYIuuoBEAISBgi86gEQAxIGCL7qARAHEgYIwOoBEA0SBgjB6gEQCxIGCMLqARACEgYIxOoBEA4SBgjS6gEQCxIGCNbqARAKEgYI2OoBEAoSBgjq6gEQCBIGCPLqARAFEgYIuOsBEAESBgjq3CoQAxIGCJasKxAM
.rfihub.com/	1970-01-21 03:17:23	Name: eud Value: H4sIAAAAAAAA_zvFyGtobmBmaGJuamFmYG4MANrnQN0QAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsrQ0NzY2MzKxMDczMTUxNjcwEuIz1HWKqioOCw4IqUwtqwAAUGtsCSQAAAA
.rfihub.com/	1970-01-21 03:17:23	Name: rud Value: H4sIAAAAAAAA_-MSsrQ0NzY2MzKxMDczMTUxNjcwEuIz1HWKqioOCw4IqUwtqwAAUGtsCSQAAAA
.rlcdn.com/	1970-01-21 02:41:23	Name: rlas3 Value: UcrezSsZrQGubmzbl9k33nylW+GJK/IL0D6iITFVjnA=
.thrtle.com/	1970-01-20 22:43:47	Name: mc Value: eyJpZCI6IjZlNDE1MjZkLWRlOTUtNDlhMS1hYzMwLTg2ZTVmYWVlZjhlZiIsImwiOjE3MDYxNDc1ODY3ODcsInQiOjMzfQ==

34 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://momen.tm/ZdO9uN Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://sky.pasukanantidepo.shop/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://king.laskar2d.xyz/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://bolo.treksantuy.xyz/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://rtx.dudasoleh.lol/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
network	error	URL: https://zona-bermain.com/js/jquery-1.10.2.min.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://markas-prediktor.info/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://raja.hoki2d.xyz/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/pola-dasar/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/prediksi-hongkong/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
network	error	URL: https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=06725200 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://zona-bermain.com/prediksi-china/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/buku-mimpi-2d/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/paito-warna-taiwan/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
network	error	URL: https://zona-bermain.com/js/jquery-1.10.2.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.search.spotxchange.com/audience_sync/7?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16299%26tp%3DSPXC%26tpid%3D%24SPOTX_AUDIENCE_ID%26gdpr%3D0 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://zona-bermain.com/prediksi-taiwan/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
network	error	URL: https://geo-um.btrll.com/v1/map_pixel/partner/66.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=cf48f38f57b5afc8f1fef27f7cc9f596 Message: Failed to load resource: net::ERR_EMPTY_RESPONSE
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/generator-line-angka/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/live-singapore/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/buku-mimpi-4d/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.
security	error	URL: https://w1.bungaprediction.com/livesgp.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IDEQiSZHoL1tX3WzRa2vaD_p' because its MIME type ('image/gif') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
4.bp.blogspot.com
a.dtssrv.com
a.tribalfusion.com
aa.agkn.com
ads.scorecardresearch.com
ajax.googleapis.com
antoboomerblog.files.wordpress.com
aorta.clickagy.com
ap.lijit.com
api.intentiq.com
audex.userreport.com
bcp.crwdcntrl.net
beacon.krxd.net
blogger.googleusercontent.com
bolo.treksantuy.xyz
bungaprediction.top
c.cintnetworks.com
c1.adform.net
cdn-tc.33across.com
cdn.jsdelivr.net
cdn.tynt.com
ce.lijit.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
code.jquery.com
connect-metrics-collector.s-onetag.com
d.turn.com
data-beacons.s-onetag.com
de.tynt.com
dmp.truoptik.com
dpm.demdex.net
dtsedge.com
e.dlx.addthis.com
e.dtscout.com
ei.rlcdn.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
geo-um.btrll.com
get.s-onetag.com
global.ib-ibi.com
gum.criteo.com
he.lijit.com
i.liadm.com
i.simpli.fi
i6.liadm.com
ib.adnxs.com
ic.tynt.com
id5-sync.com
idsync.reson8.com
idsync.rlcdn.com
image6.pubmatic.com
kaptenoleng.com
king.laskar2d.xyz
lex.33across.com
live.rezync.com
loadm.exelator.com
loadus.exelator.com
m2.treksantuy.xyz
markas-prediktor.info
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
ml314.com
momen.tm
mwzeom.zeotap.com
nlsn.thrtle.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-geo.s-onetag.com
opesia.vip
p.adsymptotic.com
p.alcmpn.com
p.rfihub.com
partner.mediawallahscript.com
pbid.pro-market.net
pd.sharethis.com
pippio.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.shareaholic.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
px.ads.linkedin.com
raja.hoki2d.xyz
rc.rlcdn.com
rtb.adentifi.com
rtd-tm.everesttech.net
rtx.dudasoleh.lol
s.amazon-adsystem.com
s.tribalfusion.com
s.w.org
s10.histats.com
s4.histats.com
s4is.histats.com
secure-gl.imrworldwide.com
secure.adnxs.com
sky.pasukanantidepo.shop
spl.zeotap.com
stags.bluekai.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.ipredictive.com
sync.search.spotxchange.com
sync.sharethis.com
sync.smartadserver.com
sync.srv.stackadapt.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tag.crsspxl.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
thrtl.redinuid.imrworldwide.com
thrtle.com
token.rubiconproject.com
track2.securedvisit.com
trc.taboola.com
treksantuy.asia
treksantuy.tech
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
w1.bungaprediction.com
wblog.xyz
wget.angkapaito.net
widget.angkapaito.net
ws.rqtrk.eu
wt.rqtrk.eu
x.bidswitch.net
x.dlx.addthis.com
x01.aidata.io
zona-bermain.com
cdn.jsdelivr.net
code.jquery.com
geo-um.btrll.com
global.ib-ibi.com
maxcdn.bootstrapcdn.com
p.adsymptotic.com
sync.search.spotxchange.com
x.bidswitch.net
zona-bermain.com
104.126.112.185
104.17.215.204
104.18.21.134
104.18.34.83
107.178.254.65
108.156.91.83
13.225.214.117
13.225.63.48
13.59.48.188
141.94.171.212
142.4.219.198
149.56.240.128
151.101.194.49
162.19.138.117
172.253.122.155
172.64.152.89
172.96.191.134
18.160.213.74
18.160.249.36
18.164.116.98
18.221.210.46
185.167.164.43
192.0.72.23
192.0.77.48
199.38.167.131
207.198.113.90
216.22.16.73
23.34.59.18
23.7.64.229
2600:1901:0:8eee::
2600:1f18:ed:550a:6220:97e8:2a1e:4cc1
2600:9000:211c:1200:1e:a43d:b640:93a1
2606:4700:10::6814:4f63
2606:4700:10::6816:3262
2606:4700:1::6813:824c
2606:4700:20::681a:d3c
2606:4700:21::8d65:780b
2606:4700:3030::ac43:a16f
2606:4700:3031::ac43:b058
2606:4700:3032::ac43:b4fc
2606:4700:3032::ac43:d74f
2606:4700:3033::6815:e31
2606:4700:3033::ac43:c223
2606:4700:3034::6815:312f
2606:4700:3035::6815:5055
2606:4700:3036::ac43:8f7f
2606:4700:3037::6815:605a
2606:4700:3037::ac43:84cf
2606:4700:3037::ac43:b044
2606:4700::6812:18ad
2606:4700::6812:bcf
2606:4700:e6::ac40:ce0d
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c09::84
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c1b::84
2620:100:a001::c
2620:112:f002:bbbb::23
2620:1ec:21::14
2a04:4e42:200::485
2a04:4e42:200::649
2a04:4e42:400::300
3.162.163.118
3.162.174.37
3.219.59.246
3.225.218.10
3.233.146.200
3.237.59.54
3.95.90.76
34.111.113.62
34.117.77.79
34.197.192.192
34.202.176.34
34.226.133.129
34.229.3.43
34.232.140.51
34.234.61.205
34.86.110.8
34.98.67.3
35.168.34.202
35.226.42.89
35.236.220.17
35.244.154.8
35.244.159.8
40.71.11.141
44.206.54.3
44.218.239.184
45.76.151.5
51.222.241.100
52.201.104.25
52.21.33.16
52.223.40.198
52.4.73.70
52.46.155.104
52.84.18.2
52.95.251.104
54.147.59.32
54.161.18.58
54.166.215.153
54.204.112.220
54.85.120.53
63.251.86.50
63.251.86.51
67.202.105.22
67.202.105.32
67.202.105.34
68.67.160.117
75.2.13.80
8.28.7.81
8.43.72.98
85.187.128.38
89.108.120.68
00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95
01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb
06710711e7517c22412aa923d472e9cce857b02605e4c0049cdc7edb666a132c
07309b4c9b90ef5e7845f16c6512856e2ed3f079721c33e62e8e6f3070809a57
08108167102e7c801120e5f7e225e04ce1f844afcdd09617ba62ff57c36310e4
08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0f1e4f7008ccffa6948dbcc9eb98f7356a0f3e7bbf0d87a77289820eaa8027e7
1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363
118de8cf537f918fddebc1a3e05e71080d7b4bf810fa9b1f21870de27c89ac69
195942ed277201c204d240ded105cd72f57d3f1cc7ecc88439e6d0d6f23f710b
19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f
19d16533a9ef10b4c9fe67b888b38647684b6f1d385fc5275c74e6132aff03bc
1a6b459da626bc4487b1b8818c93b2808e3a25388deb43e2ae5bfed6b8ef42f4
1a781450129f4a3dbafcfe62558de75c582c35f1a3f44a6a3603d30175b7b0bf
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1d98776dd4a4e09265a41eb51d98cb24802b57c060c03ff1e7229a0c84ea496a
1e5c3465ac627daac9e2923d641e49ef24beb85819bf7db1a7e98b07f746ef0d
20fe6d443870180a271f3f12c5f457886b649cf9f883ae800b39880755b4f57f
217bcf44778fff8fe41a593c79e0c86edd524460f7618f12e132566d17fd5b4c
21b3b4b5b8768ab140b93e44750df54ad98915f2db1344442f2acd38251af9e3
2388f1b8ef95668322254f1ae8523c148beceddccd6e239bd683281835e1180b
247da79a2ac57cffd5708691570e2c86b97f7980fbfbc9b17aae8001dc0deae5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689ac2a7453661922762dcd23b84bda4ef74a05c9c3740f817f411af2f6084c
278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409
293b92928161f48cdba927ef69f8e663d68a516c62c79a1ac4763d5685be4864
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b69ca2d96dbc0f2a379bbd26934f43a9f6861c9243cfb69790cda79b6e75653
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2bf5907894a70b877089c24817fcc65db655cfed28840aa16c8f3810cd412620
2d863b8b486454d6224edb1d1c208447b353c6e24cf55abc1f8fc59e7b4726c1
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e0a6fc74dc393d806872f0725a2ca92af2b315067512eb5ba2b7b4f29d28f49
2e3778a72114f13a5b18b9d25df758bfbf0d55bf442ba5c9007b96593d959b90
2ead3876b9bac7950974842f46dda67ac51306ecc7f5fa9401d1c0e9497dfd07
2ef8819c623f045339c8a2ffe8b442801765e1245b634c5bc8246b4fbd67a395
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30a951a81bda27afd6c71aaff7748f621fbee27fe57d59828e093491549fd9de
30fd611e6fd3f2dda62a5bb94179dc595dd6f318660f5c11255af686c9509827
31fbef2d8aa8eb899334230f74c59be161cb7a3fef953d60d698855548e7c825
322cd64275df2605f7dec93bf6895060754dcff188ce2d3f76111bf2b5822c57
324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3485295530761106ba56255187cc1f9a7f7cddb3b54eb1030dbd0c415b76afbc
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414
3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
3e154703c1024ab648e2c74bd3a9714683363b6a3974b6b0dd0a825b0dfe9ca5
3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b
3e6701810a770c2cdb7710c43056f6c2422cf8c30653dd1ab209bcff5a4548e0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4111d0de448c0dbbb0dc170a0e580da1029ac1fe68de77d330b41ba1cbc4d0c2
41f15a6d3a660457b1539972005dd30add9c7a80ac04fec9a079f9bdd74851c0
42e792c4264f30663f715f0019025df6c67066e834c8c36298e9a96fdc8cd038
445f72f8771ec2ba6cebe0908e509d17a798bfb00c748350d8c619a751d50929
44f31e13bd49b6ea3d2212c98d2b8382c95b57005996e3a5582d748da177284a
4521820d5e41f49128cae1ad2443ac91c7a988b4b1d357e85a3ed886174c007b
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
454908a280d65f7e7f396b24e333b144e8865b61f761d99b09d97cae0610605c
4575d59a004cffff6808cd267bd0262a70166046a5754082a8747505d28b5999
49a97b4bb0a5f0b05686907796f64b9013b04bfcb4f63fabfa72105e8132fd28
4d2a469f5bda567e36b480b20468c37779aa0a7e338733b741a26378112fb572
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45
4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013
503dbebf746b08ab2fadbda645ed92ac9f21901f4979007743a235c9961afe7b
505493895ef8283ca4e078ef974e7696c6de28d3f697bcecb1a4ffad58bb7380
51657894d582014e07c19a90007b911b5778078a5838eb727f3656fa438be887
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549487a3c6e50a75d7fab97adfa37f07e53f96cfcefb922545608ebfb71cc2bd
550ebaf92e9edd8e43ef8a2a61c54addc198d9b6e46a16c79096fde2d2e38be6
574c654adc51059882c66279ee0d42eb585735d5a2bc8cb010f1e91eb04e483f
5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde
599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209
5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8
5cdf948f65cf951821da557dc5b8cc9067c64589070285feab8aa6f7c64657e0
5ce581a1bb3ae65bd553d034f9d5973dd8af7f856d2bd5efa095ed41cee7f949
5d310891fe2f1cfd19e14cc4e74f47ae90b95a9f981ff5e8d5d9ad15bd825448
5d5e465c2d75722b4036e73801808d891f1f65fac836cb13a5dc34cc15fe60c4
5d771c7db362c1697c04dbb3e24720ad5ef4c73f75daaeedc4e1b1fe640509bb
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f70122d646c9187fcd82ab850d6bdc6e062c01b3da7eaeb664077fc2eb96835
60753d7fdcfbff1bc5de6cfa1b1d7c4041e32257bebaa6459843f9e6e5dbe302
60e20b6d9d14fa44ca8ca91b46f8650c695793e879be3cf1fa6f8e2ba0561045
61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271
6206cf1be7d6284de73d2128df48af0c3221e45ac6dfe059ee4fad2d2996abaf
6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b
68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda
68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e1368baafba1ee14412488bb7814ced3980e0cd97393d173c4114f28a02bd7c
6ee5599420176d6c73cb80505f7d287e527d903336f0cfb2348ace130fb7d6f1
6faef2a9122a84c8ef399b819a303ed612e3aefded8e5dfca6419bc9a2677de3
7003168142ffd80ee90f12b6161defe4f8dc1c331a246ad19f4c2f5577e23d4f
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47
7261ac909063abccd2f148d068599ffff4a1b14efaef9d4d6811346195f5fe9c
730412109bc24c266a27e4c2248182c8952c1ec999199851413a1779cd7d0ce7
7380c39ec1fbcf6ff16ff145bd0ed5033c2b84b41270dae4b05a327a19ba9e66
776bf55e5c196430c0d9bb394fdc8a37ea7a55b6e3044ae8c0815d4a3bcc542f
78e7ba30ff35404718abeb4390531a4f5c771ef6ab4ca7b28df072e62149678f
797c3f880053a4308165c199b4d9ce83c1e32dc11244b6b6d63f36c19873ad85
79980af9382b2ed28478d04a6b7e7119b4a3b4cf055978bf0bcf7fbe74a3136f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168
7c2446cc2139ef1ea46d4b52b490f514d6595af37e3caf0e381d82e73ba91b84
7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985
7e22819d3433cfdb5d3f848fee01b7cccc863970901de5efa3e80a7eadbd48c4
7e2497636d6c13bedc7f466897ad9690fb055dc123f481b599c9e1174a04fb17
7e78ac302ebdef9842d5c628cef762ed1ad4b9650dd4915810cbf3cdaa86010c
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b
8001f648aeb9fc120cf21e4fb1cb72ddc5a3af813c0fcdf325781550bc5e5fb6
8084ba0a6b770ebad7c2008062cce2addda48238bae32f6b720766072ed2937b
82a61040198394ed6f9e59a3b5131bca0af02f194a690b977ea9b244d9897f27
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837b5f84ebd3725304ce3be532c2b5469366c6f934e90d5f06630165fd0f2c5c
846260f5d8d2293aa1141976cee21a4e9a9ec5541dbf128dbe3a8638a828385d
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6
859fc224dfddea3a5015809ea2d6f46bd8510f039046c3c158f7c018d8f5fbab
87000dc1fc91f5f17e86030bd9875f8464a04c05e9daabd699fc5b9ae42270c3
87d3abed87820941c3f8f4d8cc01563a8ef74d7886c948b9b0da3e3929bfce92
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8a3a6f420b336bc3d7aacab58830ffeceb3889f0301c88157a97f2dd58c1e040
8a5dffbb0044ab076ecd87275a5835c9063bd7029bca6c599b4b16380a4812f7
8a68e4e1e0faf5cec1082b25b95f4d820985fda95177b826e7c16a70f5afae19
8ac1e08581c5691d74fb1a69b925f400e14db93ddc9451db0b72456e4af3a2f7
8cc8ecec4b1427d4e19a4725c3883fd2aca66f77e3ad154cafbb79fb8e688011
8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788
8fa6086592638a777f6f41ffabb181efb642c571892e578aa4c5b98f4bae0e56
9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f
9055b52f00a8f9a287b035f0a8b5516d25b5cc499db38af730030502a74f5a50
91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc
93f28a18a1df638b539f6bde99c048a50ad7b8a5643c6966a0546a0c50f7cace
943c6368a5480cf4d817121a274cfee0d86b65414ac092b208bd2f256bfac2d5
95cf5e4b3f56fa2d8aae7f6196f6cadb653b68b19520048c75a91ad12d6203df
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a4e22c3170ea6411798cc0ab605b6f67dabe81eb04e417f9c26c160bd374311
9ac1ba0fd033fdc1ac6df78af8d9e9fff9430881024ca2d53430467d1c256a01
9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f
9bc34104becf0f70b8d0412f899571779471946759470dda9132c7e0ab2f50da
9c26961d3cf34f32904ea3ed3e0eebac1fcb99a9fe4c4d6c14a2e9dbb4fe53fb
9c5106cfc1835d6213c497eb31fd0b3f034a3630a33fd51ed1f020f370034b2b
a0104827c2d929e856874f8986ed9895567e6af2d0d72c4dee147ffd55867311
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639
a40ebc0090e633530b750cc19e0a9ddc7aacaea9313a0648767d5b1af5399463
a40f3c087da9bfbea0de7d5babcb4c249077d5425932bd973e44485b6cafa5c9
a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2
a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4
a67688ddcf966aaf218b1f154d3830ad065e23ef063d71b4f96436ab9a717a9a
a6a3283156db24254aec7fe7b93f88ef8193a0b61d31056cb5bb210617dcd626
a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952
ab28525af13ce6f2aa74c54d16f533ee08d6df5555277b29093bb98a3df58a90
ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3
ac6002b55a7bc33de07da0fc1391dbd8b61598823a7768591aed4b0e4a5e421a
ad134decb67c5a253c36cc63d2d463d997d340f7b7500ab7e3cdcfcad2a63ece
add3315d7a7bb82510756eb8828798744b2613a242d9388a73acc0b67b9101a9
af327b368c0805c5f3619ef48de610fb2dce6fbf54fb8e96ada446931ae94c6c
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b174ce765343a7ee6c0ad2d151c5fa838ba7327713146aed8ae41897049476b1
b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b
b25cf944f2f16d5b989ba66f0f4b9f346e062e11d4775ba3346b33205356ea2e
b39b662997f28827a3d141e224cd93db44e6251335d0f0a19c5971c5f800aef0
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e
b51bfeff329c0195ee3437eb0cad7a24cecc800620b4e4c847fba2dd44cddc59
b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67
b61e7247eece2e31587588e19c5517d731ee6b484fa3cef94ccf0503c817a0f4
b94669d62b1a08f3e99eeca2a395ddc4b78bb99ea5c4c1c43b7a423c67dc2a37
b94aaa542870893d7f2358ef9bd17ea004e192822679a250f8d8402aaec5de06
be0ad21d91014508532e64bb6ceb6a4a3e2d5700a74c7c791c8b8df9d194708d
be5544e19bd8ef5503e46a466cb1f233e358f806119ff1c2a1cb884d1503455c
be864bbcd1cbdafd15baab52dd105c799e4f1abd7dddbd142b41fa948b42ba50
bfcef82755bac56e01032d196dc587e851fcfb9a2a1882c7e283b9ea451a17a0
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4
c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb
c46c1b27ca2b58ed0f4d1b10192c4a936bee51bd70e71a8f4e8358325c72a2a3
c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91
c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
c7267268f9c7c289603044c43606fcc70de7e25ab5408c956c54e745173b4703
c76620cbca3408b460b44d17494eaacdb69f791771e952d0d55ac969d3e9a390
c888207ec2660133ee61a01bea89adf3cb4f48eec63ab6f7676d7420b731f715
ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cabd6c6e2ce478bc6a9344f5f75f501bbf6b7ba8fd54d7487e7a09279f3a34d7
cb2f05afe52d86b8eb74cabe30b58eacd40e24dd5eb9e982e2d961de6720f8cd
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01a3756db37f2ada0dabf92b1eb9bc7593a90eb07697af344affebe28cd54a0
d30f436b9752f07747f2b72cc77985554918de4f9b5e74c65271c89e3b1501b6
d3cda20140593c9613a699c99f680e31fe7a5ddad80ce5d868c527c79f33d047
d72c8adb9972c2d7a5f2b03a917eb656dbae5266b674d46a0d7fabcb2d3d6847
d75b0bb363405bfd9ea9fa89ac607b4620e127017507e8d532607eab88267304
d7a71d3dd740e95755227ba6446a3a21b8af6c4444f29ec2411dc7cd306e10b0
d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb
d80f6523545dad74a52c6afbc2db2210fa1418e86cdf000233c482e199ed8b79
d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
da65b5ddc281d0d1fb7ac543801da80c7cb3cff809ba4c6e54cb38db517acafd
da6d3195e96bfbfe1cecd660de92fe05a71437900b1dff539a9d6f5e45c28277
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
daf9a29faaa9b5a3a465f3f5048a5c4a2737ca8a1af1c4e746fddbc8f9910968
dbd4ea5e26cff619ebe31130ce16126cdcaff265a697139b20c80a960954832f
dc0277a17da34b285d5c6101aef49113849b4f02987b0d5e32a84755d14aedb3
dc887f124f649e95762713f34c6e7d8ef383571f6a354d916964732b1950664a
dce7c8bed2dc3ef4a57bac3d4a291de1698a676d288de554bf7d6bd88689e9dc
dde249f74452af2530b578d83d5bc26a4d1f62030baf5465ceeb2d783754771b
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e049b42df046beda51f4dd4bd24484e0f94e12e60e2a419e48cf33dcc442c1b2
e0f7ee4c8a10c176e17bed490589dadd0bc176264e286deecf6b4b9d1e3a89fb
e1069c844742374ce5d55bf288826350c3c5c26c1bcdbde43f76c51c8e2df535
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e31a5516051e3dcd6be48ada99dbf2d270db37dd3a304fded21e105f6c733bf5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e404e36423039012e2c65a0b6b38cd90cfe3b100dc8b10d0b70be47f7efb655f
e4403ad1a4d38cd70835a801b766a39f56f26445af5d1db2b2743a70c2e6b979
e5e2b708ffcf110a8eb87cbb4e6b3432f0a683b1aa0b3ca58ba5eb9d90a4b565
e88766f9257d0fcab42980c1182bbcbdd7ba7ed435aab35b645d9c5a4279ffc7
ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15
eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb8d3fc8b90b38cbc75cb3f22e313a370f0eada11e7eba19e8047c6f60943dd
efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f
f017d1630a163790465f348b29d4721facb1d4353e695dd730b869e28e4bcd3d
f0b21457a580b5103d86ffe6b3886f8ffb80a7549014e3a87289f2627a85988c
f0b2452b9b804aab984fe166b5eb4d377118b891a6e270b66aeb5c8d088b661d
f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502
f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
f564100347e9b3cc6448108ae2837d97eb49d3009154452879c4a146dd482183
f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7a268fe54141807077d99c931e63dc4ed814892add35accf4f92fb98b0030d0
f7bc1b794480ca073b0a3ff2bdfdd6d5171458d2828ea18e4b80edb151f2289d
f8250d804246087f3cde719cfe1deafd57ec52a45a8144f2283ec93adfc56c32
f89f1fe1c86dc63bdd3668f2922215318bc10dc9ade1d22300121b41d541f726
f9f4535236c0f9adcd24c475579dbb84b70fe4aa3f06a5201aac7b2e5654eb8e
fa7337e4bc30dd3db3861c272a32f98911b0bbf1a60557e0f124ba2713f35fd4
fb0cf69cc1d941b0d4c565d0e364b60692b498d3f80d71388f6fc363dd0a8a1c
fb62d4052ef644a71f9b602bef92e7b5131f7b5f155945b995cd1fd554f1695b
fbad6dc4504c5532ebfe0adaccd98487ef1ab3f6a13d5d3397bd9f2b06ecf044
fbb819b3d7b809e1b07a1ab6a3d0e87b89d4fe432d06defa2330a27d905ecace
fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9
fc955a1b25871f0695fd7962e55639e2b008b7b946000ead3ff48742aac0af63
fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251
fd10f45a43828208fd2197f4c4147fb92d8b21015def2c1ba4a81a035d87c218
fe03d5e08b004f060477ef9bbdf515cf73018216f8fb304dc6d9badf788eb4d4
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
fffe2bbb1e6c64b3540176029b620af1fcbbc30861c94299b895760b80cd7357

sky.pasukanantidepo.shop Open in urlscan Pro 2606:4700:3034::6815:312f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

1361 Requests

89 %HTTPS

30 %IPv6

101 Domains

138 Subdomains

83 IPs

8 Countries

146801 kBTransfer

157912 kBSize

155 Cookies

29 Outgoing links

Page URL History

Redirected requests

1361 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sky.pasukanantidepo.shop Open in urlscan Pro
2606:4700:3034::6815:312f Public Scan

Screenshot
Live screenshot

Full Image

1361
Requests

89 %
HTTPS

30 %
IPv6

101
Domains

138
Subdomains

83
IPs

8
Countries

146801 kB
Transfer

157912 kB
Size

155
Cookies

1361 HTTP transactions
11 data transactions