sky.pasukanantidepo.shop Open in urlscan Pro
2606:4700:3034::ac43:9ed3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sky.pasukanantidepo.shop/
Submission: On January 28 via api (January 28th 2024, 6:13:02 am UTC) from US — Scanned from US

Summary HTTP 400 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 60 IPs in 5 countries across 61 domains to perform 400 HTTP transactions. The main IP is 2606:4700:3034::ac43:9ed3, located in United States and belongs to CLOUDFLARENET, US. The main domain is sky.pasukanantidepo.shop.
TLS certificate: Issued by E1 on December 1st 2023. Valid for: 3 months.

This is the only time sky.pasukanantidepo.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3034::ac43:9ed3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	2606:4700:303... 2606:4700:3035::6815:5055	13335 (CLOUDFLAR...) (CLOUDFLARENET)
74	192.0.72.22 192.0.72.22	2635 (AUTOMATTIC) (AUTOMATTIC)
6	142.4.219.198 142.4.219.198	16276 (OVH) (OVH)
1 1	2606:4700:303... 2606:4700:3032::ac43:d74f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	2606:4700:303... 2606:4700:3037::6815:605a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:10:... 2606:4700:10::6814:4f63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	149.56.240.131 149.56.240.131	16276 (OVH) (OVH)
2	2607:f8b0:400... 2607:f8b0:4004:c07::84	15169 (GOOGLE) (GOOGLE)
12	2606:4700:303... 2606:4700:3033::6815:51c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:21:... 2606:4700:21::8d65:780a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	13.225.195.127 13.225.195.127	16509 (AMAZON-02) (AMAZON-02)
11	52.15.236.209 52.15.236.209	16509 (AMAZON-02) (AMAZON-02)
1	104.18.34.83 104.18.34.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
7	13.225.195.59 13.225.195.59	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:20:... 2606:4700:20::ac43:4aba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 8	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
8 8	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
5 12	34.197.192.192 34.197.192.192	14618 (AMAZON-AES) (AMAZON-AES)
5 5	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
5	54.192.51.72 54.192.51.72	16509 (AMAZON-02) (AMAZON-02)
1	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
20	23.73.207.17 23.73.207.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
1 7	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	100.25.178.23 100.25.178.23	14618 (AMAZON-AES) (AMAZON-AES)
5 6	68.67.161.208 68.67.161.208	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	18.215.220.20 18.215.220.20	14618 (AMAZON-AES) (AMAZON-AES)
1	18.214.41.71 18.214.41.71	14618 (AMAZON-AES) (AMAZON-AES)
5	54.192.51.122 54.192.51.122	16509 (AMAZON-02) (AMAZON-02)
3	3.130.132.252 3.130.132.252	16509 (AMAZON-02) (AMAZON-02)
3 3	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	23.220.132.230 23.220.132.230	() ()
1	23.34.194.26 23.34.194.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1 6	3.211.54.87 3.211.54.87	14618 (AMAZON-AES) (AMAZON-AES)
14	2606:4700:303... 2606:4700:3031::ac43:b058	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3031::6815:6083	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.21.33.16 52.21.33.16	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
17	2606:4700:303... 2606:4700:3036::6815:3d6a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:b044	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	85.187.128.38 85.187.128.38	55293 (A2HOSTING) (A2HOSTING)
5	34.193.241.34 34.193.241.34	14618 (AMAZON-AES) (AMAZON-AES)
4	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
5	3.161.213.66 3.161.213.66	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::ac43:e8b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	192.0.72.18 192.0.72.18	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1 2	2606:4700:10:... 2606:4700:10::ac43:28ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12 13	54.146.37.4 54.146.37.4	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	13.225.195.75 13.225.195.75	16509 (AMAZON-02) (AMAZON-02)
1 1	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
6	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
4	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2607:f8b0:400... 2607:f8b0:4004:c1f::84	15169 (GOOGLE) (GOOGLE)
22	172.96.191.134 172.96.191.134	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
3 3	35.194.66.159 35.194.66.159	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	44.194.20.78 44.194.20.78	14618 (AMAZON-AES) (AMAZON-AES)
1 2	50.17.221.242 50.17.221.242	14618 (AMAZON-AES) (AMAZON-AES)
1	74.119.119.150 74.119.119.150	() ()
2 4	18.211.142.103 18.211.142.103	() ()
1	2600:1f18:ed:... 2600:1f18:ed:550e:6c65:3c0a:bacf:2e64	() ()
2 2	35.211.178.172 35.211.178.172	() ()
2 2	34.200.65.202 34.200.65.202	() ()
2 2	151.101.66.49 151.101.66.49	() ()
1	2606:4700:303... 2606:4700:3036::ac43:a392	() ()
1	216.200.232.249 216.200.232.249	() ()
400	60

13 2606:4700:3034::ac43:9ed3 (United States)

ASN13335 (CLOUDFLARENET, US)

sky.pasukanantidepo.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3035::6815:5055 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

m2.treksantuy.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bolo.treksantuy.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

74 192.0.72.22 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

antoboomerblog.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dolarpro.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.4.219.198 (Canada)

ASN16276 (OVH, FR)
PTR: ns5000868.ip-142-4-219.net

s4is.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:d74f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

treksantuy.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3037::6815:605a (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

widget.angkapaito.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wget.angkapaito.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:10::6814:4f63 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 149.56.240.131 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534299.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3033::6815:51c (United States)

ASN13335 (CLOUDFLARENET, US)

king.laskar2d.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:21::8d65:780a (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.225.195.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-127.yul62.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.15.236.209 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-236-209.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.34.83 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.33 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.225.195.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-59.yul62.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:4aba (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 146.59.148.16 (France) 6 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 15.197.193.217 (Seattle, United States) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.197.192.192 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-192-192.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.253.115.155 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.192.51.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-72.yul62.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 23.73.207.17 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-73-207-17.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.202.105.24 (Chicago, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dp1.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 100.25.178.23 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-178-23.compute-1.amazonaws.com

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.161.208 (Jersey City, United States) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.220.20 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-220-20.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.41.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-41-71.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.192.51.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-122.yul62.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.130.132.252 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-132-252.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.154.8 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.220.132.230 (None, ) 1 redirects

ASN- ()

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.34.194.26 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-34-194-26.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.211.54.87 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-54-87.compute-1.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3031::ac43:b058 (United States)

ASN13335 (CLOUDFLARENET, US)

bolo.treksantuy.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:6083 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

treksantuy.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.33.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: us-ip-1.short.io

momen.tm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3036::6815:3d6a (United States)

ASN13335 (CLOUDFLARENET, US)

v1.prediktorangka.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:b044 (United States)

ASN13335 (CLOUDFLARENET, US)

wget.angkapaito.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 85.187.128.38 (Singapore, Singapore)

ASN55293 (A2HOSTING, US)
PTR: sg1-tr1.supercp.com

markas-prediktor.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.193.241.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-241-34.compute-1.amazonaws.com

track2.securedvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.161.213.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-66.yul62.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:e8b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.72.18 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

adsbaner.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:28ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 54.146.37.4 (Ashburn, United States) 12 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-37-4.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::23 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.195.75 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-75.yul62.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2607:f8b0:4004:c1f::84 (Washington, United States)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.96.191.134 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.134-static.reverse.arandomserver.com

zona-bermain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.194.66.159 (Washington, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.194.20.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-20-78.compute-1.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.17.221.242 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-221-242.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.211.142.103 (None, ) 2 redirects

ASN- ()

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550e:6c65:3c0a:bacf:2e64 (None, )

ASN- ()

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (None, ) 2 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.65.202 (None, ) 2 redirects

ASN- ()

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:a392 (None, )

ASN- ()

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (None, )

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
77	wordpress.com antoboomerblog.files.wordpress.com dolarpro.files.wordpress.com adsbaner.files.wordpress.com	58 MB
34	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 12612 t.sharethis.com — Cisco Umbrella Rank: 5730 sync.sharethis.com — Cisco Umbrella Rank: 2756	77 KB
28	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12324	42 MB
24	histats.com s4is.histats.com — Cisco Umbrella Rank: 634486 s10.histats.com — Cisco Umbrella Rank: 14576 s4.histats.com — Cisco Umbrella Rank: 14129	84 KB
22	zona-bermain.com zona-bermain.com	365 KB
20	treksantuy.xyz 3 redirects m2.treksantuy.xyz bolo.treksantuy.xyz	4 MB
19	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 5021 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6723 data-beacons.s-onetag.com — Cisco Umbrella Rank: 14306	69 KB
17	prediktorangka.xyz v1.prediktorangka.xyz	739 KB
14	liadm.com 12 redirects i.liadm.com — Cisco Umbrella Rank: 550 i6.liadm.com	9 KB
13	pasukanantidepo.shop sky.pasukanantidepo.shop	860 KB
12	markas-prediktor.info markas-prediktor.info	127 KB
12	eyeota.net 5 redirects ps.eyeota.net — Cisco Umbrella Rank: 1074	7 KB
12	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 16248 t.dtscout.com — Cisco Umbrella Rank: 13665	23 KB
12	laskar2d.xyz king.laskar2d.xyz	122 KB
11	crwdcntrl.net 2 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net	96 KB
10	lijit.com 1 redirects ap.lijit.com — Cisco Umbrella Rank: 671 ce.lijit.com — Cisco Umbrella Rank: 859	5 KB
8	adsrvr.org 8 redirects match.adsrvr.org — Cisco Umbrella Rank: 357	3 KB
8	onaudience.com 6 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3060	3 KB
7	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349	2 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	99 KB
6	adnxs.com 5 redirects secure.adnxs.com — Cisco Umbrella Rank: 490 ib.adnxs.com	6 KB
6	angkapaito.net 3 redirects widget.angkapaito.net wget.angkapaito.net	3 KB
5	intentiq.com api.intentiq.com — Cisco Umbrella Rank: 1555
5	securedvisit.com track2.securedvisit.com — Cisco Umbrella Rank: 4440	886 B
5	doubleclick.net 5 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 260	2 KB
5	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 14516	2 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019	166 KB
4	w.org s.w.org — Cisco Umbrella Rank: 3198	2 KB
3	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 856	1 KB
3	gstatic.com fonts.gstatic.com	121 KB
3	bluekai.com 1 redirects tags.bluekai.com stags.bluekai.com Failed	1 KB
3	rlcdn.com 3 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 451	1 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 501	1 KB
3	affec.tv 2 redirects map.go.affec.tv — Cisco Umbrella Rank: 7362	2 KB
3	33across.com 1 redirects dp2.33across.com — Cisco Umbrella Rank: 12127 dp1.33across.com — Cisco Umbrella Rank: 7249	592 B
3	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 13409 ic.tynt.com — Cisco Umbrella Rank: 11236 de.tynt.com — Cisco Umbrella Rank: 1526	9 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	643 B
2	yahoo.com 2 redirects cms.analytics.yahoo.com ups.analytics.yahoo.com	568 B
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 239	1 KB
2	rezync.com 2 redirects live.rezync.com — Cisco Umbrella Rank: 1645	2 KB
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 3325 mwzeom.zeotap.com — Cisco Umbrella Rank: 3434	889 B
2	datatables.net cdn.datatables.net — Cisco Umbrella Rank: 4899	31 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
2	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1870	556 B
2	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 790	826 B
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1811 beacon.krxd.net — Cisco Umbrella Rank: 784	499 B
2	blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 15285	5 KB
1	mathtag.com sync.mathtag.com	588 B
1	dtssrv.com a.dtssrv.com	443 B
1	criteo.com dis.criteo.com	363 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 841	1 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1381	416 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	79 KB
1	momen.tm momen.tm
1	treksantuy.asia 1 redirects treksantuy.asia	425 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 6188	16 KB
1	treksantuy.tech 1 redirects treksantuy.tech	452 B
0	bidr.io Failed match.prod.bidr.io Failed
0	kaptenoleng.com Failed kaptenoleng.com Failed
0	addthis.com Failed x.dlx.addthis.com Failed
400	61

	Domain	Requested by
67	antoboomerblog.files.wordpress.com	sky.pasukanantidepo.shop king.laskar2d.xyz bolo.treksantuy.xyz
28	blogger.googleusercontent.com	markas-prediktor.info
22	zona-bermain.com	markas-prediktor.info zona-bermain.com
20	t.sharethis.com	pd.sharethis.com t.sharethis.com bolo.treksantuy.xyz king.laskar2d.xyz sky.pasukanantidepo.shop v1.prediktorangka.xyz markas-prediktor.info
17	v1.prediktorangka.xyz	bolo.treksantuy.xyz v1.prediktorangka.xyz code.jquery.com
17	bolo.treksantuy.xyz	sky.pasukanantidepo.shop king.laskar2d.xyz bolo.treksantuy.xyz
13	i.liadm.com	12 redirects bolo.treksantuy.xyz
13	sky.pasukanantidepo.shop	sky.pasukanantidepo.shop
12	markas-prediktor.info	king.laskar2d.xyz markas-prediktor.info
12	ps.eyeota.net	5 redirects sky.pasukanantidepo.shop data-beacons.s-onetag.com
12	king.laskar2d.xyz	sky.pasukanantidepo.shop king.laskar2d.xyz
12	s10.histats.com	sky.pasukanantidepo.shop s10.histats.com bolo.treksantuy.xyz king.laskar2d.xyz v1.prediktorangka.xyz markas-prediktor.info zona-bermain.com
11	pd.sharethis.com	e.dtscout.com sky.pasukanantidepo.shop t.sharethis.com bolo.treksantuy.xyz king.laskar2d.xyz v1.prediktorangka.xyz markas-prediktor.info
9	get.s-onetag.com	e.dtscout.com get.s-onetag.com
8	match.adsrvr.org	8 redirects
8	pixel.onaudience.com	6 redirects v1.prediktorangka.xyz e.dtscout.com
7	dolarpro.files.wordpress.com	v1.prediktorangka.xyz
7	px.ads.linkedin.com	1 redirects sky.pasukanantidepo.shop bolo.treksantuy.xyz king.laskar2d.xyz
7	tags.crwdcntrl.net	e.dtscout.com tags.crwdcntrl.net
6	cdn.jsdelivr.net	markas-prediktor.info zona-bermain.com
6	ap.lijit.com	1 redirects sky.pasukanantidepo.shop get.s-onetag.com
6	t.dtscout.com	e.dtscout.com
6	e.dtscout.com	s4.histats.com
6	s4.histats.com	s10.histats.com
6	s4is.histats.com	sky.pasukanantidepo.shop king.laskar2d.xyz bolo.treksantuy.xyz v1.prediktorangka.xyz markas-prediktor.info zona-bermain.com
5	api.intentiq.com	data-beacons.s-onetag.com
5	track2.securedvisit.com	data-beacons.s-onetag.com
5	data-beacons.s-onetag.com	get.s-onetag.com
5	onetag-geo.s-onetag.com	get.s-onetag.com
5	cm.g.doubleclick.net	5 redirects
5	t.dtscdn.com	e.dtscout.com
4	bcp.crwdcntrl.net	2 redirects tags.crwdcntrl.net
4	ce.lijit.com	sky.pasukanantidepo.shop bolo.treksantuy.xyz king.laskar2d.xyz
4	maxcdn.bootstrapcdn.com	markas-prediktor.info maxcdn.bootstrapcdn.com zona-bermain.com
4	s.w.org	bolo.treksantuy.xyz v1.prediktorangka.xyz king.laskar2d.xyz
4	secure.adnxs.com	3 redirects sky.pasukanantidepo.shop
3	um.simpli.fi	3 redirects
3	adsbaner.files.wordpress.com	v1.prediktorangka.xyz
3	fonts.gstatic.com	fonts.googleapis.com
3	tags.bluekai.com	1 redirects bolo.treksantuy.xyz sky.pasukanantidepo.shop
3	idsync.rlcdn.com	3 redirects
3	sync.sharethis.com	sky.pasukanantidepo.shop
3	pixel.tapad.com	3 redirects
3	map.go.affec.tv	2 redirects sky.pasukanantidepo.shop
3	wget.angkapaito.net	sky.pasukanantidepo.shop bolo.treksantuy.xyz king.laskar2d.xyz
3	widget.angkapaito.net	3 redirects
3	m2.treksantuy.xyz	3 redirects
2	ib.adnxs.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	2 redirects
2	dpm.demdex.net	1 redirects sky.pasukanantidepo.shop
2	live.rezync.com	2 redirects
2	cdn.datatables.net	v1.prediktorangka.xyz
2	fonts.googleapis.com	bolo.treksantuy.xyz v1.prediktorangka.xyz
2	ml314.com	1 redirects sky.pasukanantidepo.shop
2	pippio.com	1 redirects sky.pasukanantidepo.shop
2	dp2.33across.com	de.tynt.com sky.pasukanantidepo.shop
2	4.bp.blogspot.com	sky.pasukanantidepo.shop bolo.treksantuy.xyz
1	sync.mathtag.com	markas-prediktor.info
1	a.dtssrv.com	e.dtscout.com
1	ups.analytics.yahoo.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	i6.liadm.com	bolo.treksantuy.xyz
1	dis.criteo.com	king.laskar2d.xyz
1	p.rfihub.com	1 redirects
1	d.turn.com	1 redirects
1	mwzeom.zeotap.com	king.laskar2d.xyz
1	spl.zeotap.com	1 redirects
1	code.jquery.com	v1.prediktorangka.xyz
1	momen.tm	bolo.treksantuy.xyz
1	treksantuy.asia	1 redirects
1	tags.bkrtx.com	pd.sharethis.com
1	dp1.33across.com	1 redirects
1	beacon.krxd.net	sky.pasukanantidepo.shop
1	usermatch.krxd.net	1 redirects
1	de.tynt.com	cdn.tynt.com
1	ic.tynt.com	sky.pasukanantidepo.shop
1	cdn.tynt.com	e.dtscout.com
1	treksantuy.tech	1 redirects
0	match.prod.bidr.io Failed	sky.pasukanantidepo.shop bolo.treksantuy.xyz
0	kaptenoleng.com Failed	zona-bermain.com
0	x.dlx.addthis.com Failed	bolo.treksantuy.xyz
0	stags.bluekai.com Failed	tags.bkrtx.com
400	83

This site contains links to these domains. Also see Links.

Domain
hknalo.us.com
bandarnalo.agency
paitowarna.co.com
slotindo.ws
agennalo.city
gacorbgt.com
www.histats.com
refanprediction.shop
ceperprediction.net
angkajp.icu
king.laskar2d.xyz
p1.wlatogel88makna.net
p1.coolkaisartoto88.net
p1.dicobaindolottery88.net
p1.hdxdunialottery88.net
masukjabrix4d.com
p1.companyindoboss6d.com
p1.softmicrotogel88.net

Subject Issuer	Validity	Valid
pasukanantidepo.shop E1	`2023-12-01` - `2024-02-29`	3 months	crt.sh
*.files.wordpress.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
histats.com R3	`2023-11-23` - `2024-02-21`	3 months	crt.sh
treksantuy.xyz E1	`2023-12-13` - `2024-03-12`	3 months	crt.sh
angkapaito.net GTS CA 1P5	`2024-01-13` - `2024-04-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-11`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
laskar2d.xyz GTS CA 1P5	`2024-01-18` - `2024-04-17`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-22` - `2024-06-19`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
dtscdn.com GTS CA 1P5	`2024-01-13` - `2024-04-12`	3 months	crt.sh
cert1-prod.aut.a24365.net R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-06` - `2024-12-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
prediktorangka.xyz GTS CA 1P5	`2023-12-13` - `2024-03-12`	3 months	crt.sh
webdisk.markas-prediktor.info R3	`2024-01-26` - `2024-04-25`	3 months	crt.sh
securedvisit.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
*.intentiq.com Amazon RSA 2048 M02	`2023-04-11` - `2024-05-08`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-03-12` - `2024-04-10`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
*.onaudience.com Go Daddy Secure Certificate Authority - G2	`2023-03-28` - `2024-04-28`	a year	crt.sh
www.zona-bermain.com.gubukprediction.com R3	`2024-01-07` - `2024-04-06`	3 months	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
dtssrv.com GTS CA 1P5	`2024-01-23` - `2024-04-22`	3 months	crt.sh

This page contains 34 frames:

Primary Page: https://sky.pasukanantidepo.shop/
Frame ID: 9D90EEDCDB1FE72FC9CD1335D3AED93B
Requests: 81 HTTP requests in this frame

Frame: https://bolo.treksantuy.xyz/
Frame ID: 0881925013F3913837C860C5670F209A
Requests: 58 HTTP requests in this frame

Frame: https://wget.angkapaito.net/result.php
Frame ID: 74C3D6FDAB697E9E70B2829D497C95C7
Requests: 1 HTTP requests in this frame

Frame: https://king.laskar2d.xyz/
Frame ID: 17A07EC041CC7B1A2C1A54C85110463B
Requests: 65 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=1040170642237250578C5E26DACD5E6F
Frame ID: 1D5B793F08E10C4CD279F6D5BE304409
Requests: 1 HTTP requests in this frame

Frame: https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1706422373813.6
Frame ID: 8CC2986FE70BA56A2231F3E04D5F6E2E
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: 478B7D68B3273484D585F18B5541969C
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: 3EBDDD668D0E80B2914AD41017BE570E
Requests: 7 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: FFE3FF9931391DB48F6BA694E834A259
Requests: 2 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGAACWW18GUAAAAIZH1dAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1275.23381%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1275.23381%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=1491990
Frame ID: 39926B7F2CE85145FD423D68C57B50AC
Requests: 1 HTTP requests in this frame

Frame: https://wget.angkapaito.net/result.php
Frame ID: 07385F5B780FE941A90AACFF818D5501
Requests: 1 HTTP requests in this frame

Frame: https://v1.prediktorangka.xyz/
Frame ID: E81C3FF49D4AB038A1B1ADA4C1D427D8
Requests: 60 HTTP requests in this frame

Frame: https://wget.angkapaito.net/result.php
Frame ID: EB275E3EB3A98DCA1424F01B70D0D995
Requests: 1 HTTP requests in this frame

Frame: https://markas-prediktor.info/
Frame ID: A77192A62ADAB7104A696F08743CC889
Requests: 66 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=92335
Frame ID: F90A4EE5B083EEC1BF3F7E5CD8ED6375
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: 96CFFBE2C35BCE70DD1CDC8A2003802A
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: 1E4710289BD601DB3D1661C9B0407364
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: 1BB7F432FAB068CED0C7F2107057F602
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: 7F43A20554193E8D3E80363F9584C082
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=32195
Frame ID: C5CCF819E631AFA76EA0CF32B746B080
Requests: 1 HTTP requests in this frame

Frame: https://zona-bermain.com/
Frame ID: A34E32565F12A49087444FE795F53196
Requests: 38 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: 3F385B15E42F8D8AEC348A801596F274
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: F647B17096D83367E1A300D3BDCC5E6C
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 2F0ED0C1D868307BAF27EDDFB2D98FCF
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
Frame ID: 7EAACD9313CE82FA92A40D8E24543A47
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C
Frame ID: 9EEA947CB2BDE09AE3F357A81A9C4B5C
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=90245
Frame ID: 75F530F867A95D8CB613C04D9AC3E2F5
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=93947
Frame ID: 482F9CF194F31162C000CC0D8688661D
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: F848D76358B64ED4F59328BC0BADDA36
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=14624
Frame ID: 92066A88A5A7A675DC791DECC0ACCEBF
Requests: 1 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: 7F521E88C9577A4656D5700088881B86
Requests: 1 HTTP requests in this frame

Frame: https://zona-bermain.com/kombinasi/
Frame ID: C69B36BDD084E0F5FEFF4BAFFD09436A
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 103D629680955EA0110D4DB839C6BDE8
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C92%2C79%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 7C508AD967E635C19386C2849F8B83A6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PASUKAN ANTI DEPO – PREDIKSI ANGKA JITU WLA HARI INI

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

400
Requests

88 %
HTTPS

34 %
IPv6

61
Domains

83
Subdomains

60
IPs

5
Countries

110476 kB
Transfer

113546 kB
Size

78
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://hknalo.us.com/link.php?member=boomer1358

Search URL Search Domain Scan URL

URL: https://bandarnalo.agency/link.php?member=boomer1358

Search URL Search Domain Scan URL

URL: http://paitowarna.co.com/?ref=Boomer1358

Search URL Search Domain Scan URL

URL: http://slotindo.ws/register?ref=1241021

Search URL Search Domain Scan URL

URL: http://agennalo.city/?ref=BOOMER1358

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/tpking/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/rgclock/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/rgbasic/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/jkbrain/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/pkboss/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/ttbright/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/jpkind/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/idticket/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/gtgold/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/gtpath/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/ahart/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/8080salt/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/8table/

Search URL Search Domain Scan URL

URL: http://www.histats.com/viewstats/?sid=4660281&ccid=3026

Search URL Search Domain Scan URL

URL: http://refanprediction.shop/wp/
Title: Refan jambi

Search URL Search Domain Scan URL

URL: http://ceperprediction.net/
Title: ceper

Search URL Search Domain Scan URL

URL: http://angkajp.icu/
Title: b4g4s

Search URL Search Domain Scan URL

URL: https://king.laskar2d.xyz/
Title: boomer

Search URL Search Domain Scan URL

URL: https://p1.wlatogel88makna.net/user/register.html?ref=boomer1358

Search URL Search Domain Scan URL

URL: https://p1.coolkaisartoto88.net/user/register.html?ref=BOOMER1358

Search URL Search Domain Scan URL

URL: https://p1.dicobaindolottery88.net/user/register.html?ref=BOOMER1358

Search URL Search Domain Scan URL

URL: https://p1.hdxdunialottery88.net/user/register.html?ref=boomer1358

Search URL Search Domain Scan URL

URL: https://masukjabrix4d.com/m/link.php?member=boomer1358

Search URL Search Domain Scan URL

URL: https://p1.companyindoboss6d.com/user/register.html?ref=BOOMER1358

Search URL Search Domain Scan URL

URL: https://p1.softmicrotogel88.net/user/register.html?ref=BOOMER1358

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg HTTP 301
https://bolo.treksantuy.xyz/

Request Chain 27

https://treksantuy.tech/ HTTP 301
https://bolo.treksantuy.xyz/

Request Chain 28

https://widget.angkapaito.net/result.php HTTP 301
https://wget.angkapaito.net/result.php

Request Chain 57

https://pixel.onaudience.com/?partner=137085098&mapped=1040170642237250578C5E26DACD5E6F HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=21dd445f-53ea-410b-9287-9275ccc51e48&icm&gdpr=0&gdpr_consent=&cver HTTP 302
https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=4a4ced07dc717f8b HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mi03a3FROUNqa1ZJSFdiOTVwVTNMNnhiUWRqX3E3N0dfbktXTGZpZWZuVFE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mi03a3FROUNqa1ZJSFdiOTVwVTNMNnhiUWRqX3E3N0dfbktXTGZpZWZuVFE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEOD0-eM19DcneA8XqcbE4Mw&google_cver=1

Request Chain 70

https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=Brand+Safety%2FMilitary&us_privacy=&random=1706422373813.1 HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=Brand+Safety%2FMilitary&us_privacy=&random=1706422373813.1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnFEaWFseWE2cUpXbDFQWE9pZnB6UUpwYVk2Q3JJU0N4VFBHS1RULVRvX3M&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MnFEaWFseWE2cUpXbDFQWE9pZnB6UUpwYVk2Q3JJU0N4VFBHS1RULVRvX3M&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEPJQ4IlRTRRtViOeLSdMUkA&google_cver=1

Request Chain 71

https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWW18GWxH%2BLwPUBQAg%3D%3D&us_privacy=&_rand=1706422373813.2 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWW18GWxH%2BLwPUBQAg%3D%3D&us_privacy=&_rand=1706422373813.2&expected_cookie=757e7662-ef7b-4ed8-816c-97bda61f6fc9

Request Chain 72

https://map.go.affec.tv/map/3a/?pid=CoIKSWW18GWxH%2BLwPUBQAg%3D%3D&us_privacy=&ts=1706422373813.3 HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65b5f065bc6e4100010bdaaf%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D65b5f065bc6e4100010bdaaf%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%2526gdpr_consent%253D%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://map.go.affec.tv/map/an/5294388161815131724?ch=65b5f065bc6e4100010bdaaf&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://map.go.affec.tv/map/ttd/21dd445f-53ea-410b-9287-9275ccc51e48?ttd_puid=&gdpr=0&gdpr_consent=

Request Chain 73

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSWW18GWxH%2BLwPUBQAg%3D%3D&us_privacy=&random=1706422373813.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSWW18GWxH%2BLwPUBQAg%3D%3D&us_privacy=&random=1706422373813.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=779ed7a5-35a5-4b1a-95d2-4636b76203c3%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=21dd445f-53ea-410b-9287-9275ccc51e48&ttd_puid=779ed7a5-35a5-4b1a-95d2-4636b76203c3%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

Request Chain 75

https://dp1.33across.com/ps/?pid=669&uid=CoIKSWW18GWxH%2BLwPUBQAg%3D%3D&us_privacy=&random=1706422373813.7&pu=https%3A%2F%2Fsky.pasukanantidepo.shop%2F HTTP 302
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212460214435093&seg_code=33x&random=1706422374 HTTP 307
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212460214435093%26seg_code%3D33x%26random%3D1706422374

Request Chain 77

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg HTTP 301
https://bolo.treksantuy.xyz/

Request Chain 110

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=21dd445f-53ea-410b-9287-9275ccc51e48&gdpr=0&gdpr_consent=

Request Chain 111

https://idsync.rlcdn.com/386076.gif?partner_uid=ZGAACWW18GUAAAAIZH1dAw%3D%3D&gdpr=0&gdpr_consent= HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkdBQUNXVzE4R1VBQUFBSVpIMWRBdz09EAAaDQjm4NetBhIFCOgHEABCAEoA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=155261f4bf81ddacf2466d2ab0ef9f162007d7fbd4cbc2275911741bf01686fc791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=155261f4bf81ddacf2466d2ab0ef9f162007d7fbd4cbc2275911741bf01686fc791426b5417dce21&rand=08376149

Request Chain 112

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2cx_oltPw_p74cU4BVQ57xI3y0lAoEAUEGTfyW1HK5XE&gdpr=0&gdpr_consent=

Request Chain 113

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGAACWW18GUAAAAIZH1dAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3641664108781109264 HTTP 307
https://ml314.com/csync.ashx?fp=959ae8c3259c196c83144ad33a14b7d1c68ab1d2802c9e696964219314216936f4cb09cee1a4f8eb&person_id=3641664108781109264&eid=50082

Request Chain 114

https://tags.bluekai.com/site/59574?id=ZGAACWW18GUAAAAIZH1dAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 121

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 139

https://treksantuy.asia/wp-content/themes/frontier/images/honeycomb.png HTTP 301
https://momen.tm/ZdO9uN

Request Chain 141

https://widget.angkapaito.net/result.php HTTP 301
https://wget.angkapaito.net/result.php

Request Chain 142

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg HTTP 301
https://bolo.treksantuy.xyz/

Request Chain 159

https://widget.angkapaito.net/result.php HTTP 301
https://wget.angkapaito.net/result.php

Request Chain 173

https://pixel.onaudience.com/?partner=137085098&mapped=1040170642237250578C5E26DACD5E6F HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=b0d4de54d60b388e

Request Chain 220

https://pixel.onaudience.com/?partner=137085098&mapped=1040170642237250578C5E26DACD5E6F HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=7155e997ad8662f2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=353d3f62-6796-438a-78e2-9e9b625d882d&reqId=b277d339-abbf-4a38-5aee-07540e994e3b&zcluid=7155e997ad8662f2&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEDmLTojAEI2WNag2en-a7Nk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=353d3f62-6796-438a-78e2-9e9b625d882d&reqId=b277d339-abbf-4a38-5aee-07540e994e3b&zcluid=7155e997ad8662f2&zdid=1332

Request Chain 225

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IEL0ASZHXTLlTGISRgSRbBX9&rnd=29995 HTTP 303
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IEL0ASZHXTLlTGISRgSRbBX9&rnd=29995&_li_chk=true&previous_uuid=1aa618d14548452c9fe0a29cf17233fc HTTP 303
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8233015085601279756 HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=1aa618d1-4548-452c-9fe0-a29cf17233fc HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=d861f7ba-777c-427e-bda3-d66fa0f036a9%3A1706422376.7564077&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd861f7ba-777c-427e-bda3-d66fa0f036a9%253A1706422376.7564077%26pid%3D500040%26it%3D1%26iv%3Dd861f7ba-777c-427e-bda3-d66fa0f036a9%253A1706422376.7564077%26_%3D1706422376.7588913&cb=1706422376.758941 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2810035095662728572&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd861f7ba-777c-427e-bda3-d66fa0f036a9%253A1706422376.7564077%26pid%3D500040%26it%3D1%26iv%3Dd861f7ba-777c-427e-bda3-d66fa0f036a9%253A1706422376.7564077%26_%3D1706422376.7588913 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d861f7ba-777c-427e-bda3-d66fa0f036a9%3A1706422376.7564077&pid=500040&it=1&iv=d861f7ba-777c-427e-bda3-d66fa0f036a9%3A1706422376.7564077&_=1706422376.7588913 HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&_=1706422376.7588913&iv=d861f7ba-777c-427e-bda3-d66fa0f036a9:1706422376.7564077

Request Chain 305

https://um.simpli.fi/lj_match?r=55757 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=4C22590201E7425597D084FEF2BB9994

Request Chain 322

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IEL0ASZHXTLlTGISRgSRbBX9&rnd=9607 HTTP 303
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=1aa618d1-4548-452c-9fe0-a29cf17233fc

Request Chain 325

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IEL0ASZHXTLlTGISRgSRbBX9&rnd=28006 HTTP 303
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=1aa618d1-4548-452c-9fe0-a29cf17233fc HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=1aa618d1-4548-452c-9fe0-a29cf17233fc

Request Chain 343

https://um.simpli.fi/lj_match?r=54025 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=4C22590201E7425597D084FEF2BB9994

Request Chain 345

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IEL0ASZHXTLlTGISRgSRbBX9&rnd=44682 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 346

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=IEL0ASZHXTLlTGISRgSRbBX9/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=IEL0ASZHXTLlTGISRgSRbBX9/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=7806a064f8ae922543ddf0b06ffb7829

Request Chain 375

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IEL0ASZHXTLlTGISRgSRbBX9&rnd=82137 HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP 302
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=21dd445f-53ea-410b-9287-9275ccc51e48 HTTP 303
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=21dd445f-53ea-410b-9287-9275ccc51e48

Request Chain 377

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IEL0ASZHXTLlTGISRgSRbBX9&rnd=28195 HTTP 303
https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=1aa618d1-4548-452c-9fe0-a29cf17233fc&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=1aa618d1-4548-452c-9fe0-a29cf17233fc&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=b7a8802c-4388-4a05-a224-699fa1ff000a HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP 302
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=21dd445f-53ea-410b-9287-9275ccc51e48

Request Chain 384

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=21dd445f-53ea-410b-9287-9275ccc51e48&bid=1e2n4ou

Request Chain 385

https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot HTTP 302
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-13etd7NE2pUBf43B309KzEWzy6Aq65p0lsU-~A

Request Chain 386

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u&_test=ZbXwawAApM237wA9 HTTP 302
https://ps.eyeota.net/match?uid=ZbXwawAApM237wA9&bid=0rijhbu&referrer_pid=51md42u&_test=ZbXwawAApM237wA9

Request Chain 387

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 302
https://ps.eyeota.net/match?uid=5294388161815131724&bid=2cr76e1&referrer_pid=51md42u

Request Chain 391

https://zona-bermain.com/kombinasi HTTP 301
https://zona-bermain.com/kombinasi/

Request Chain 396

https://um.simpli.fi/lj_match?r=75345 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=4C22590201E7425597D084FEF2BB9994

Request Chain 397

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IEL0ASZHXTLlTGISRgSRbBX9&rnd=28336 HTTP 303
https://ib.adnxs.com/getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0 HTTP 302
https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=5294388161815131724&gdpr=0 HTTP 303
https://sync.mathtag.com/sync/img?mt_exid=36&1aa618d1-4548-452c-9fe0-a29cf17233fc

Request Chain 398

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IEL0ASZHXTLlTGISRgSRbBX9 HTTP 302
https://thrtle.com/sync?_reach=1&vxii_pdid=IEL0ASZHXTLlTGISRgSRbBX9&vxii_pid=12&vxii_pid1=7002&vxii_rcid=1068142f-5acd-4518-bff3-266d522961a6&vxii_rmax=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/throtle

Request Chain 407

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IEL0ASZHXTLlTGISRgSRbBX9 HTTP 302
https://thrtle.com/sync?_reach=1&vxii_pdid=IEL0ASZHXTLlTGISRgSRbBX9&vxii_pid=12&vxii_pid1=7002&vxii_rcid=c3aab941-7a09-4f57-a13e-1e5b68bc8585&vxii_rmax=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/throtle

400 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sky.pasukanantidepo.shop/ 49 KB
12 KB 1130ms
1044ms Document
text/html 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: c865fbae27fc2f008b555a9c2a9d057f870dc216d9db301c8f8588910673e3c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84c7160b6dc86dd3-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 06:12:52 GMT
link: <https://sky.pasukanantidepo.shop/wp-json/>; rel="https://api.w.org/" <https://sky.pasukanantidepo.shop/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <https://sky.pasukanantidepo.shop/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42P%2B%2B4znnO3oC4pQnxj9Vso9UfnZtQSjm76v3HkPOl5C0Uzs3%2BbOhQvgQi8sdJwv24AFipOhbGxOjbzKytWVrYmis7GTBeSrkowGgwT%2FF9%2B2CDafLRVPXVJSB%2FJrcYmnoDA6cLW0cIpUQq%2FWKcfkYI3rn5o1pqc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.min.css
sky.pasukanantidepo.shop/wp-includes/css/dist/block-library/ 107 KB
15 KB 36ms
35ms Stylesheet
text/css 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:06:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 56267
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpK%2BVswhz2hVhs%2BWk6R1fV8p8jK%2B4y4eUU3hzMsnhNRpL7XX7EZf8kGWP8LjP1WAfCzQyZejz7Y045RHtJg8eTxS5ARKktuOCxwSIOIeRTeoft3qFfo%2BEZTwsxXbV%2BnqJpLVly8Svx6eeAIRVWPb%2Fa%2BMaFVR5oI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c7161209a46dd3-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Feb 2024 14:35:05 GMT

GET
BLOB 200
OK ce302e75-60dd-43dd-8901-78a20164f5f6
https://sky.pasukanantidepo.shop/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://sky.pasukanantidepo.shop/ce302e75-60dd-43dd-8901-78a20164f5f6
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 sidebar-login.css
sky.pasukanantidepo.shop/wp-content/plugins/sidebar-login/build/ 2 KB
692 B 37ms
37ms Stylesheet
text/css 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1688220023
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 56267
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LR5fTDd8ukqwlnlA1%2BWIz%2B4PGknTdZoDAbTkDVf8JCBxuX7WLETTzGSbmLPCo%2FIvbJzV8VSCsLc%2Fqtx8M5e%2B9f8Tx2NsJsxU7CvlyxyBLXOWCx1BSkx5v5FCanrsVWNJas8CHmD7hyWARC%2FL%2F2trH%2FRdCWMijBo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c7161229d36dd3-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Feb 2024 14:35:05 GMT

GET
H2 200 style.css
sky.pasukanantidepo.shop/wp-content/themes/asteroid/ 28 KB
9 KB 34ms
34ms Stylesheet
text/css 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-content/themes/asteroid/style.css?ver=1.2.9
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Jun 2023 09:04:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 337269
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaxcYf3AbSRRzo4WmDwaeij5qU4L5xy0WdmHVpge7ruQfMq2xVvQ%2Bp5JhD8xa60De1jyMTuBnfmknSKlHifR1GOlVFai1w5IZr8rzcfiUv2B%2B5KJE3tKUP0zEiQnC1jMuF9%2B9vZFNiyENrcvSLHxbBsWFejjOdM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c7161229d86dd3-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jan 2024 08:31:42 GMT

GET
H2 200 jquery.min.js Show response
sky.pasukanantidepo.shop/wp-includes/js/jquery/ 86 KB
31 KB 38ms
38ms Script
application/javascript 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:06:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 56267
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vE1oEPlGnbBdhd0r4l2dmML%2B1Lq62AJm9Q%2FSR204QaVFfIT4wpVHmwjlIz3WZ3Cw7RpCC5qv4%2FYG2ExnWNkD%2FwEaWgW3s2JTNsXxQAAg0546YALdMD%2BeRjvM5BJWY68OMOQDCrc%2BfzxWvUuj26vBQvsS8dXC5kQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c7161229dd6dd3-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Feb 2024 14:35:05 GMT

GET
H2 200 jquery-migrate.min.js Show response
sky.pasukanantidepo.shop/wp-includes/js/jquery/ 13 KB
5 KB 39ms
38ms Script
application/javascript 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Aug 2023 21:06:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 253413
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4qZYAZtMgzQqtAdAFybVmPChXaPJ2uaEBJo39LVoPyG6RgrtMKDiKLLW%2Fm64EkTPACWYtsGnujcYqESuLX9IEP%2BQOMeUDuE62hq%2FSy7%2FWM93%2B1Bsqh3HBp03B%2BGGCKc1Cva8EesEX%2FEcK4c6Dx0cA9UMwWZqYs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c7161229e66dd3-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Feb 2024 07:49:18 GMT

GET
H2

200

/
bolo.treksantuy.xyz/
Redirect Chain

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg
https://bolo.treksantuy.xyz/

0
0

1109ms
1092ms

Image
text/html

2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Sun, 28 Jan 2024 06:12:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BYV8MyeYDTTiCf89TmP2SYK7KbUBNvXx0nqi8QmoDavvTlkw0m6FXU1TfuLhGINHRuD4CWJzprIBS4nIOXiP1RmdAKm40SzFMzZKIzO%2Fubz7%2BWOPahLvnmQh3mqZgMl87mok3ZAZBh9M51%2FSUWiog%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://bolo.treksantuy.xyz
cache-control: max-age=3600
cf-ray: 84c71612a9502878-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 07:12:52 GMT

GET
H2 200 hknalo-729x90-1.gif
antoboomerblog.files.wordpress.com/2023/10/ 105 KB
106 KB 97ms
27ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/hknalo-729x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

daf9a29faaa9b5a3a465f3f5048a5c4a2737ca8a1af1c4e746fddbc8f9910968

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Oct 2023 12:50:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 107905
expires: Sat, 17 Feb 2024 16:16:44 GMT

GET
H2 200 new-bandarnalo.gif
antoboomerblog.files.wordpress.com/2023/10/ 100 KB
101 KB 39ms
27ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/new-bandarnalo.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fffe2bbb1e6c64b3540176029b620af1fcbbc30861c94299b895760b80cd7357

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Oct 2023 12:37:19 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 102622
expires: Mon, 05 Feb 2024 20:52:18 GMT

GET
H2 200 paitowarna.gif
antoboomerblog.files.wordpress.com/2023/10/ 156 KB
156 KB 39ms
27ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/paitowarna.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8a68e4e1e0faf5cec1082b25b95f4d820985fda95177b826e7c16a70f5afae19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Oct 2023 12:35:44 GMT
server: nginx
x-orig-src: 0_mogiad
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 159643
expires: Sat, 24 Feb 2024 06:07:08 GMT

GET
H2 200 729x90-animated-1.gif
antoboomerblog.files.wordpress.com/2023/10/ 327 KB
328 KB 38ms
28ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/729x90-animated-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e3778a72114f13a5b18b9d25df758bfbf0d55bf442ba5c9007b96593d959b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 22 Oct 2023 12:16:32 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 335048
expires: Sat, 17 Feb 2024 06:28:12 GMT

GET
H2 200 729x90_agennalo.gif
antoboomerblog.files.wordpress.com/2023/10/ 327 KB
327 KB 91ms
80ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/729x90_agennalo.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f017d1630a163790465f348b29d4721facb1d4353e695dd730b869e28e4bcd3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Oct 2023 19:28:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 334612
expires: Sun, 18 Feb 2024 07:31:59 GMT

GET
H2 200 unnamed-10.gif
antoboomerblog.files.wordpress.com/2023/11/ 270 KB
271 KB 90ms
80ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-10.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9c5106cfc1835d6213c497eb31fd0b3f034a3630a33fd51ed1f020f370034b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:31:01 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 276544
expires: Sat, 03 Feb 2024 11:11:36 GMT

GET
H2 200 unnamed-11.gif
antoboomerblog.files.wordpress.com/2023/11/ 247 KB
247 KB 71ms
64ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-11.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f564100347e9b3cc6448108ae2837d97eb49d3009154452879c4a146dd482183

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:32:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 252743
expires: Sun, 11 Feb 2024 14:05:02 GMT

GET
H2 200 unnamed-12.gif
antoboomerblog.files.wordpress.com/2023/11/ 282 KB
283 KB 71ms
64ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-12.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

79980af9382b2ed28478d04a6b7e7119b4a3b4cf055978bf0bcf7fbe74a3136f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:33:50 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 289127
expires: Fri, 16 Feb 2024 22:13:10 GMT

GET
H2 200 unnamed-13.gif
antoboomerblog.files.wordpress.com/2023/11/ 514 KB
515 KB 72ms
64ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-13.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dc887f124f649e95762713f34c6e7d8ef383571f6a354d916964732b1950664a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:34:55 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 526000
expires: Sun, 11 Feb 2024 01:50:47 GMT

GET
H2 200 unnamed-14.gif
antoboomerblog.files.wordpress.com/2023/11/ 291 KB
291 KB 72ms
65ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-14.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

efb8d3fc8b90b38cbc75cb3f22e313a370f0eada11e7eba19e8047c6f60943dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:35:54 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 297540
expires: Tue, 06 Feb 2024 19:30:34 GMT

GET
H2 200 unnamed-9.gif
antoboomerblog.files.wordpress.com/2023/11/ 194 KB
194 KB 72ms
65ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-9.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

42e792c4264f30663f715f0019025df6c67066e834c8c36298e9a96fdc8cd038

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:27:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 198395
expires: Mon, 12 Feb 2024 22:33:45 GMT

GET
H2 200 unnamed-15.gif
antoboomerblog.files.wordpress.com/2023/11/ 388 KB
388 KB 72ms
65ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-15.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4111d0de448c0dbbb0dc170a0e580da1029ac1fe68de77d330b41ba1cbc4d0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:37:53 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 396918
expires: Tue, 06 Feb 2024 18:52:34 GMT

GET
H2 200 unnamed-16.gif
antoboomerblog.files.wordpress.com/2023/11/ 326 KB
326 KB 73ms
66ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-16.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a6a3283156db24254aec7fe7b93f88ef8193a0b61d31056cb5bb210617dcd626

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:39:46 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 333383
expires: Sat, 03 Feb 2024 01:45:14 GMT

GET
H2 200 unnamed-17.gif
antoboomerblog.files.wordpress.com/2023/11/ 312 KB
312 KB 73ms
66ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-17.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2689ac2a7453661922762dcd23b84bda4ef74a05c9c3740f817f411af2f6084c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:41:12 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 319266
expires: Wed, 07 Feb 2024 01:41:58 GMT

GET
H2 200 unnamed-18.gif
antoboomerblog.files.wordpress.com/2023/11/ 188 KB
189 KB 73ms
67ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-18.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7380c39ec1fbcf6ff16ff145bd0ed5033c2b84b41270dae4b05a327a19ba9e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:42:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 192555
expires: Thu, 15 Feb 2024 04:32:14 GMT

GET
H2 200 unnamed-19.gif
antoboomerblog.files.wordpress.com/2023/11/ 280 KB
281 KB 73ms
66ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-19.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da6d3195e96bfbfe1cecd660de92fe05a71437900b1dff539a9d6f5e45c28277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:43:23 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 286968
expires: Sat, 03 Feb 2024 06:43:58 GMT

GET
H2 200 unnamed-20.gif
antoboomerblog.files.wordpress.com/2023/11/ 351 KB
352 KB 73ms
67ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-20.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0f1e4f7008ccffa6948dbcc9eb98f7356a0f3e7bbf0d87a77289820eaa8027e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:44:24 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 359746
expires: Wed, 14 Feb 2024 04:16:09 GMT

GET
H2 200 unnamed-21.gif
antoboomerblog.files.wordpress.com/2023/11/ 265 KB
265 KB 72ms
68ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-21.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f7bc1b794480ca073b0a3ff2bdfdd6d5171458d2828ea18e4b80edb151f2289d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:45:42 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 271048
expires: Wed, 21 Feb 2024 00:38:41 GMT

GET
H3 200 pasukan-anti-depo.png
sky.pasukanantidepo.shop/wp-content/uploads/2023/06/ 736 KB
737 KB 1505ms
1504ms Image
image/png 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sky.pasukanantidepo.shop/wp-content/uploads/2023/06/pasukan-anti-depo.png
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95cf5e4b3f56fa2d8aae7f6196f6cadb653b68b19520048c75a91ad12d6203df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:53 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2023 11:48:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWTgPNMNOPrqZSQXC5wz7o3J7wpIBqCNwK7Y9P3kMdncTM2mFZL%2BtWr1DOwBRFD8lE%2F1kD5XYuY8XMOibumziG7Dt7kFBVagxu5tDkzLCe25itUZOtmL%2FagPptAh%2BfryG6i2bcbmRpNL2ss%2FoSVXwoEfX%2Byx%2FqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84c716129f4f2203-MIA
alt-svc: h3=":443"; ma=86400
content-length: 754054
expires: Sun, 04 Feb 2024 06:12:51 GMT

GET
H/1.1 200
OK 4660281.gif
s4is.histats.com/stats/i/ 1 KB
2 KB 203ms
64ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4660281.gif?4660281&103
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: 1170d80cfac6e8afb7ddd54409ab556396199d0a91d6d4c4347af0a6cd4723ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:52 GMT
Connection: close
ETag: -45913594
Content-Length: 1483
Content-Type: image/png

GET
H2

200

/ Show response
bolo.treksantuy.xyz/ Frame 0881
Redirect Chain

https://treksantuy.tech/
https://bolo.treksantuy.xyz/

62 KB
15 KB

2065ms
2064ms

Document
text/html

2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 248c38ba8b148146d9b650f4ef035c048d8840ff90c3f7e84e7b1f40037c3318

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84c716136a0d2878-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 06:12:54 GMT
link: <https://bolo.treksantuy.xyz/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJE5Lk41kfW1h31P1sFqZgrTJuxi72N5F6lLb4KTsFjAGvoV04K0H1HwK%2BlePtviH3xat7KxjgqS4eK7XQGl6xe6CQw1zROw2M%2BLwU6cieH2EA%2BAwotrQF8u6C6rUffIPZBdt6VYwvE9SuovK3EgXMMk"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 84c716132fef7435-MIA
date: Sun, 28 Jan 2024 06:12:52 GMT
expires: Sun, 28 Jan 2024 07:12:52 GMT
location: https://bolo.treksantuy.xyz
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CC69M9g%2FI1bmy4Tq8oVhWoCFxlYByWZLAWVjDWbIiCYl8jdmbpgw8TnaVqVn%2FQRKXa%2Fnzf0vUGFi392pktYP32s3reJRhACcnrCBKdwHANYMazrWh4s12NLUzpxrWmLhqdmfBwmWCnUcZMicDDE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

result.php Show response
wget.angkapaito.net/ Frame 74C3
Redirect Chain

https://widget.angkapaito.net/result.php
https://wget.angkapaito.net/result.php

5 KB
814 B

137ms
121ms

Document
text/html

2606:4700:3037::6815:605a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wget.angkapaito.net/result.php
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:605a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7151ca0d77e0125fe9a89dfae59d7dcdb36527ffb391715de9380635d0cf73

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84c71613fae65c64-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 06:12:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMbvXCoVU31wcaRmgoshYfAV%2FCPWYJiYl4HRsEgkP1rea7iMBgTz%2BplqQxxK%2FYTP3c2iIIFuJWvUVb0VL%2FtU%2FZvM4bCyHdBuWyNZXRf%2BnlYPSOBWVAQTYUG09zw%2B8y1cXB9e0flS3%2Bik%2F9rcMjsle2hB"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84c7161309b45c64-MIA
content-type: text/html
date: Sun, 28 Jan 2024 06:12:52 GMT
location: https://wget.angkapaito.net/result.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YztA8VI0ybh8NJaNME7o%2F6gjx7peAb3Kk0E04Fz%2B8MBjrMD8YWekTquCqHoF4HKE5992ILKDLLZxpZDZ2IOj9Jv7baN530nXTWsIkXYRh6m5n%2BuRXNhOkstfIwzF%2BgruKqLFDTrhi6h4T6be4CpVoDmWjd8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 113ms
41ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 72044
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84c7161309dc25af-MIA
content-length: 4547

GET
DATA 200
OK truncated
/ 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 4660281.php Show response
s4.histats.com/stats/ 434 B
569 B 220ms
73ms Script
text/html 149.56.240.131
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4660281.php?4660281&@f16&@g1&@h1&@i1&@j1706422372359&@k0&@l1&@mPASUKAN%20ANTI%20DEPO%20%E2%80%93%20PREDIKSI%20ANGKA%20JITU%20WLA%20HARI%20INI&@n0&@o1000&@q0&@r0&@s3026&@ten-US&@u1600&@b1:-176469431&@b3:1706422372&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fsky.pasukanantidepo.shop%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534299.ip-149-56-240.net
Software: /
Resource Hash: bd19ceba5593dce80a475ea69709bd5a6cf752e2483153024ad3052ba9af1aa4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:52 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H2 200 wlatogel88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ 2 MB
2 MB 39ms
33ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/wlatogel88-728x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

574c654adc51059882c66279ee0d42eb585735d5a2bc8cb010f1e91eb04e483f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:30 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1592720
expires: Tue, 27 Feb 2024 02:39:36 GMT

GET
H2 200 kaisartoto88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ 1 MB
1 MB 39ms
34ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/kaisartoto88-728x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

217bcf44778fff8fe41a593c79e0c86edd524460f7618f12e132566d17fd5b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:51 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1415984
expires: Thu, 15 Feb 2024 03:37:55 GMT

GET
H2 200 indolottery88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ 1 MB
1 MB 78ms
66ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/indolottery88-728x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a67688ddcf966aaf218b1f154d3830ad065e23ef063d71b4f96436ab9a717a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1417070
expires: Tue, 27 Feb 2024 00:44:14 GMT

GET
H2 200 dunialottery88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ 997 KB
999 KB 78ms
67ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/dunialottery88-728x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fa7337e4bc30dd3db3861c272a32f98911b0bbf1a60557e0f124ba2713f35fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:57 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1021153
expires: Fri, 23 Feb 2024 22:10:23 GMT

GET
H2 200 840x120-jabrix.gif
antoboomerblog.files.wordpress.com/2023/11/ 5 MB
5 MB 78ms
67ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/840x120-jabrix.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2ef8819c623f045339c8a2ffe8b442801765e1245b634c5bc8246b4fbd67a395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Nov 2023 17:22:29 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4858923
expires: Sun, 11 Feb 2024 09:12:08 GMT

GET
H2 200 close.gif
4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/ 2 KB
3 KB 339ms
218ms Image
image/gif 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/close.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

82a61040198394ed6f9e59a3b5131bca0af02f194a690b977ea9b244d9897f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v744"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="close.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:52 GMT

GET
H2 200 indoboss6d728x90.gif
antoboomerblog.files.wordpress.com/2024/01/ 2 MB
2 MB 77ms
67ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/indoboss6d728x90.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

776bf55e5c196430c0d9bb394fdc8a37ea7a55b6e3044ae8c0815d4a3bcc542f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:38:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2431527
expires: Fri, 09 Feb 2024 02:21:29 GMT

GET
H2 200 microtogel88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ 2 MB
2 MB 76ms
68ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/microtogel88-728x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3e6701810a770c2cdb7710c43056f6c2422cf8c30653dd1ab209bcff5a4548e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:38:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2505021
expires: Mon, 12 Feb 2024 04:46:55 GMT

GET
H3 200 email-decode.min.js Show response
sky.pasukanantidepo.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 103ms
97ms Script
application/javascript 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.pasukanantidepo.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Jan 2024 10:32:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b38a27-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bb0rmg3hc%2FXbiRwbcCiS86ZbfDzssC4D9zUdr2TDXLPJmB1pWFo4BAlvbkkq%2BXaw5vF6D3w7sOIEnh5ATLtsrt16%2BdGxFgjlykeobOZoXUUPHs%2Bd1tE%2BOHBNAImbQAfcuCRxO8jrxX66eTSLl0z6Styn6HxAw1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84c71613d8a22203-MIA
expires: Tue, 30 Jan 2024 06:12:52 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
sky.pasukanantidepo.shop/wp-includes/js/dist/vendor/ 8 KB
3 KB 658ms
653ms Script
application/javascript 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2023 23:16:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvEPyxG7jEcqFeXTjfhKodUhEeeYzkDmbVa%2Ffp8bPDkuwnzpvWaQerOpPbY7pLlJAjzj7B%2Beu%2FnccREFmdNfW65UpeT0mGfoBU5Z%2FapPDZtGE7vZx5vgHuNf5TgcokCDw0ulOh4M0XcR5RpYz7%2B0klZBsa9hRdU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c71613d8a42203-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 04 Feb 2024 06:12:52 GMT

GET
H3 200 regenerator-runtime.min.js Show response
sky.pasukanantidepo.shop/wp-includes/js/dist/vendor/ 6 KB
3 KB 656ms
652ms Script
application/javascript 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 21:06:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtRxtccLaHbAksqJ6v0eCr%2BzY7F8i4w5HfShaaTBaJKTVf4xcYm%2BuMYgjwqwBHXbFF6UF4XmMLRYz0fZFgx%2BxH%2BYcSfURO1TEuZHjbZDQhfC03OZDX%2F1bE9G5WgNIXOaEJlXGl7QOhbAIcDU8N%2B3vLaL5Ybcz8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c71613d8a62203-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 04 Feb 2024 06:12:52 GMT

GET
H3 200 wp-polyfill.min.js Show response
sky.pasukanantidepo.shop/wp-includes/js/dist/vendor/ 112 KB
36 KB 921ms
917ms Script
application/javascript 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 21:06:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwIk9Ev1jyFaUvP%2FA2%2FiH4ot%2FnQR9VX4dehVBwaW%2BDqB4njlIiAHYZljCkS1KpbaYZMgXI7GbJ3aYOi3KkaJlUego%2FO21a2GC4ja88vJFZdt5aw14iayQ9FR0g3gni75PYW3hR7pr7eJlQYfiY7RMZ%2F6nqiFFb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c71613d8a92203-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 04 Feb 2024 06:12:52 GMT

GET
H3 200 frontend.js Show response
sky.pasukanantidepo.shop/wp-content/plugins/sidebar-login/build/ 4 KB
2 KB 640ms
636ms Script
application/javascript 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQ7tXX9xibAOriIPOhy75Jg%2BVdygceUxf3rpS3BozRhpUea4EVUqI%2F801bv3LKNhEKFLtHgdF8UM2x%2FlTjM1sjfRzdPzuWteFrK7YEriqffbQLCL7LcW899PPueEqVhyINWCD3qaHeBnmeM2SPh9y8lVrfU51aM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c71613d8aa2203-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 04 Feb 2024 06:12:52 GMT

GET
H2 200 / Show response
king.laskar2d.xyz/ Frame 17A0 47 KB
11 KB 1327ms
1033ms Document
text/html 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 66a473125f8059c97da4ecbf72df457a34dab3fd2a2fcb1c788bea59dcd87e21

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84c7161609f74c22-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 06:12:53 GMT
link: <https://king.laskar2d.xyz/wp-json/>; rel="https://api.w.org/" <https://king.laskar2d.xyz/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <https://king.laskar2d.xyz/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGVX4T65HYeV0oSUyJoAhIQ1v7056KP%2FIdUEMX2w3s1AhlzJfo5LCLFe0861xzI0mJzE7vKcaparG03qfz1Cv12xuVrqnKQ6RaRqmutGfxEmmG4DhyrckvTfWUXxcduEFKJvx0fVDCt%2BtHv3w3vv3g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 cc_3026.js Show response
s10.histats.com/counters/ 18 KB
8 KB 43ms
42ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3026.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8084ba0a6b770ebad7c2008062cce2addda48238bae32f6b720766072ed2937b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 64158
etag: "-935802188"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84c71614dbca25af-MIA
content-length: 7812

GET
H2 200 / Show response
e.dtscout.com/e/ 7 KB
4 KB 445ms
131ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4660281.php?4660281&@f16&@g1&@h1&@i1&@j1706422372359&@k0&@l1&@mPASUKAN%20ANTI%20DEPO%20%E2%80%93%20PREDIKSI%20ANGKA%20JITU%20WLA%20HARI%20INI&@n0&@o1000&@q0&@r0&@s3026&@ten-US&@u1600&@b1:-176469431&@b3:1706422372&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fsky.pasukanantidepo.shop%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d457376f6a719e35ed3cbfbfb13ab5c49e98e0ab79eaf60ff253f35ea867d340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:53 GMT
x-t: 0.335
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDspKCxs%2FmSE6nrO%2BISO%2F4v6wxuItOOOB%2B9pbTzos7m3MVyp89Yf3IrwTNysqIeKU2WN3QnuQct8EAS033mKWxxm%2FdoBpBgW%2BypDiOMX4jKLOH1I1m12ihEHsg6xBl2CYRe0BrC%2B26UJOWU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 84c71616ca643376-MIA
expires: Sun, 28 Jan 2024 06:12:51 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 943c6368a5480cf4d817121a274cfee0d86b65414ac092b208bd2f256bfac2d5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame 1D5B 1 KB
758 B 150ms
140ms Document
text/html 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=1040170642237250578C5E26DACD5E6F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bff8afd4c585e71c29cd40f7d9018e71d3e827bc6ca9ade7773acf7121372e0

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 84c716186c003376-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 06:12:53 GMT
expires: Sun, 28 Jan 2024 06:12:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwg5Rt6SLEjmHw%2BbDh2jMKQew1RCjCnLPMU5%2BsCZgqgmnp15goXsZWhXUmgvA8yYZzKjcySZNKuFJy7SDJEvCOtjEEyuAqiN1%2Fxqn9595swDMVZ02kXnClFiQo9eFJ6OfGszSpRi9L1Rrk0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 33 KB
11 KB 243ms
77ms Script
text/javascript 13.225.195.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-127.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
date: Sat, 27 Jan 2024 11:30:37 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 67337
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: dqCinkdgmPZmi_SZT_31TPy0UmeptAZdFV_jgyYEYPFaDrIEMTAJTQ==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 268ms
63ms Script
application/javascript 52.15.236.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.15.236.209 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-236-209.us-east-2.compute.amazonaws.com

Software

Resource Hash

c2744159aabad669e4581c889ad963af5e4ece5f383f7b56571bcc737c07eb2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:53 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 19 KB
6 KB 122ms
38ms Script
application/javascript 104.18.34.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 15:09:06 GMT
server: cloudflare
age: 187839
etag: W/"651ed192-4c00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 84c71618cf9a334f-MIA
expires: Wed, 31 Jan 2024 06:12:53 GMT

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
366 B 134ms
126ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=sky.pasukanantidepo.shop&_ss=4aytns8o4b&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=5cdo&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa8c5185e21fe4e9378c15e60ee2780ce4a61e42e3ea9ffc8c3fd85d3bd047d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:53 GMT
x-t: 0.308
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxnVnL9Jv6e6C7izGJ%2FbOehknAd%2FM3M0ln%2Fya3D3SntRPACHDSkXJ1grVaafrWcIeSfSMPH7r%2BQE%2FYV2jRS8qlGViwLksPevFcUwSQ0WwdAisyrtpOV0zpeB7Cv2kcxzzxS8ENPfayBkttw%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84c716186c033376-MIA
expires: Sun, 28 Jan 2024 06:12:52 GMT

GET
H2 200 p
ic.tynt.com/b/ 35 B
648 B 175ms
56ms Image
image/gif 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1706422373344&dn=AFWU&iso=0&pu=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&t=PASUKAN%20ANTI%20DEPO%20%E2%80%93%20PREDIKSI%20ANGKA%20JITU%20WLA%20HARI%20INI&chmob=0
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:53 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag: "4bc8846c-23"
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 58 KB
18 KB 226ms
80ms Script
text/javascript 13.225.195.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-59.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:47:37 GMT
content-encoding: gzip
via: 1.1 90afcdb26518f969b68e124515efb74c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 19517
etag: W/"eb52f900499b46d1088df97dad487c73"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: d9o3Ht_ZWf4XZmd9zbUQkN7UWcTD3ADKzhfVqYdgqMdGVQHRPI3WVg==

GET
H2 200 / Show response
t.dtscdn.com/widget/ 0
605 B 142ms
73ms Script
application/javascript 2606:4700:20::ac43:4aba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=1040170642237250578C5E26DACD5E6F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&r=
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:53 GMT
x-t: 1.73
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4VhHjX0XuK%2F54MkXstJqb0VNJm0E7D%2F7myeUI8LhGKBts5DUn%2B07Kj5FCVSFaFJwLT6bb1NH5AdE3pnjxMgH%2Bg92SHEAE%2FTxbzp6fvgCtpZAgw%2FHBPjaiQmB4m%2BNHci7blPVZZioIMlKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 84c71619e82d8dba-MIA
expires: Sun, 28 Jan 2024 05:48:18 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=1040170642237250578C5E26DACD5E6F
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=21dd445f-53ea-410b-9287-9275ccc51e48&icm&gdpr=0&gdpr_consent=&cver
https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=4a4ced07dc717f8b
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mi03a3FROUNqa1ZJSFdiOTVwVTNMNnhiUWRqX3E3N0dfbktXTGZpZWZuVFE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mi03a3FROUNqa1ZJSFdiOTVwVTNMNnhiUWRqX3E3N0dfbktXTGZpZWZuVFE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEOD0-eM19DcneA8XqcbE4Mw&google_cver=1

70 B
440 B

54ms
54ms

Image
image/gif

34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEOD0-eM19DcneA8XqcbE4Mw&google_cver=1
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 28 Jan 2024 06:12:54 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 06:12:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEOD0-eM19DcneA8XqcbE4Mw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 50 B
458 B 327ms
162ms Fetch
application/json 54.192.51.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.51.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-51-72.yul62.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:53 GMT
via: 1.1 25d430acaef0ba8e2a9fff8bf278ceda.cloudfront.net (CloudFront), 1.1 ac1cb1fdb7cf3984f94f9f190169eb3a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1, YUL62-C2
x-amzn-requestid: 69cc0d9c-4fd7-4b59-8fab-dda87e291086
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SPJ_7HBGCYcEdww=
content-length: 50
x-amz-cf-id: i_sMo5zHihppQTtqpAIM98X4RFlPuyhpIUXUoWIwRTJ51VFX5YsFEw==

GET
H2 200 v2 Show response
de.tynt.com/deb/ 1 KB
2 KB 180ms
57ms Script
application/javascript 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d900b283989b03b160f4d638c96129b850ae0d267588b057e53aaa96920d669e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Sun, 28 Jan 2024 06:12:53 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 1388
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 212ms
50ms Script
application/javascript 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7621125106495434&stid=ZGAACWW18GUAAAAIZH1dAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 28 Jan 2024 07:12:53 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 66ms
65ms Image
image/gif 52.15.236.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&event_source=dtscout&rnd=0.7621125106495434&exptid=ZGAACWW18GUAAAAIZH1dAw%3D%3D&fcmp=false

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.15.236.209 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-236-209.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:53 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H3 200 wp-emoji-release.min.js Show response
sky.pasukanantidepo.shop/wp-includes/js/ 18 KB
5 KB 628ms
627ms Script
application/javascript 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 01 Feb 2023 12:53:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BkjWu8sZSqpOtXS03deJ2ckVaPJJGzomb%2FwhqQ7eEten%2BN9%2FrqfAfcutPmqUfADyK19FSKSkHwtfQAenUlIKJtX4xjxC%2BMVGKp%2FJfsGZNWFHTdxXeSGeVsegD9b7W40HhUPFEGeM%2BY%2BG8wr6CEfOa%2B%2FFbHxc3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c7161b8eb62203-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 04 Feb 2024 06:12:53 GMT

GET
H2 200 style.min.css
king.laskar2d.xyz/wp-includes/css/dist/block-library/ Frame 17A0 107 KB
15 KB 964ms
961ms Stylesheet
text/css 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 21:21:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ui%2Bk9YkIw02MEjXc2SFsn2FOSAtM8xZee9JpWkCYWKuXVDjZhHRYPYjc3mKsbuTuu9QaNQiFD2Bt8802eJGG8psnq0yAC7Wtmob8AdRZu0YmEVYPMutshrR7dhxIcB20VHtK5CmAjS5z4N4Fyx1l%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c7161c8fb14c22-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 04 Feb 2024 06:12:53 GMT

GET
H2 200 sidebar-login.css
king.laskar2d.xyz/wp-content/plugins/sidebar-login/build/ Frame 17A0 2 KB
760 B 631ms
629ms Stylesheet
text/css 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1688220023
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYVThJCQCUbytOSMOH1WAew8p34b3yJZSO3pnrQ%2Bjt9M2CbPwwqXmhcK%2BfNB0IAHkddMxCciO%2B58kP8wL5%2F%2FXGyBgP0iEJB%2FOJK3cqL2JsKcXfb6tOSSMgA8670j%2BXVOhrVfxncqVD9vWXcJejQtLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c7161c8fb24c22-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 04 Feb 2024 06:12:53 GMT

GET
H2 200 style.css
king.laskar2d.xyz/wp-content/themes/asteroid/ Frame 17A0 28 KB
8 KB 634ms
632ms Stylesheet
text/css 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-content/themes/asteroid/style.css?ver=1.2.9
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 26 Aug 2023 13:42:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LF7r%2FS%2BXxYv3H1DYdRboBJVH%2FlJvRnowm74k9lARbGaPddH27Ew9T1EeUJBP8BFZp%2BSUw3yHbeLT99U0zR%2FnYCEWuo%2FwdWFGGhJyqKfDh0dzxuCFbjUxduUFAnrhp0SvZNYplQ0kgjhBn9a1h9%2Bj%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c7161c8fb34c22-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 04 Feb 2024 06:12:53 GMT

GET
H2 200 jquery.min.js Show response
king.laskar2d.xyz/wp-includes/js/jquery/ Frame 17A0 86 KB
31 KB 975ms
974ms Script
application/javascript 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 21:21:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oX15M5oBhXsCTWS11DGd0H%2F%2BpRzXDuQvSHJiuqaJhj0z4F5cTs8TXJqY1%2BXpFitWgEL%2B4icr%2FlzMc08hRFs3ZztCFn%2BkmDZMvzdu3oKL3%2FxtHahQMWESGl1YPes9qrj9jyx0SbP1YAw0hNJT176Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c7161c8fb44c22-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 04 Feb 2024 06:12:53 GMT

GET
H2 200 jquery-migrate.min.js Show response
king.laskar2d.xyz/wp-includes/js/jquery/ Frame 17A0 13 KB
5 KB 645ms
644ms Script
application/javascript 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Aug 2023 21:06:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RERtw5oWvM%2BBy%2FDGM0gLmj2QW1j4IMjA%2FMzX1KZTpn91JjDluCvqxwkPsvy8m%2FXSppSOOzvT%2BS4NN%2BeAmQ6qQI9lflaeucCP5J9nzkdZnljQ6%2FvB%2Bkgkg0EDrGWeMr4RPYEBJ8XZyWQC2QLvTgxpHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c7161c8fb54c22-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 04 Feb 2024 06:12:53 GMT

GET
BLOB 200
OK 64b75768-f473-45f4-9a95-3fbd3865cdd5
https://king.laskar2d.xyz/ Frame 17A0 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://king.laskar2d.xyz/64b75768-f473-45f4-9a95-3fbd3865cdd5
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 204 /
dp2.33across.com/ps/ Frame 8CC2 0
0 181ms
57ms Document
text/plain 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1706422373813.6
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-105.static.steadfastdns.net
Software: 33XP015 /
Resource Hash

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

date: Sun, 28 Jan 2024 06:12:53 GMT
server: 33XP015
x-33x-status: 208

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=Brand+Safety%2FMilitary&us_privacy=&random=1706422373813.1
https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=Brand+Safety%2FMilitary&us_privacy=&random=1706422373813.1
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnFEaWFseWE2cUpXbDFQWE9pZnB6UUpwYVk2Q3JJU0N4VFBHS1RULVRvX3M&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MnFEaWFseWE2cUpXbDFQWE9pZnB6UUpwYVk2Q3JJU0N4VFBHS1RULVRvX3M&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEPJQ4IlRTRRtViOeLSdMUkA&google_cver=1

70 B
440 B

54ms
54ms

Image
image/gif

34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEPJQ4IlRTRRtViOeLSdMUkA&google_cver=1
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 28 Jan 2024 06:12:54 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 06:12:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEPJQ4IlRTRRtViOeLSdMUkA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWW18GWxH%2BLwPUBQAg%3D%3D&us_privacy=&_rand=1706422373813.2
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWW18GWxH%2BLwPUBQAg%3D%3D&us_privacy=&_rand=1706422373813.2&expected_cookie=757e7662-ef7b-4ed8-816c-97bda61f6fc9

0
142 B

119ms
119ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWW18GWxH%2BLwPUBQAg%3D%3D&us_privacy=&_rand=1706422373813.2&expected_cookie=757e7662-ef7b-4ed8-816c-97bda61f6fc9
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:53 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 0C894C83BAED43639D1A9B706D187D3A Ref B: MIAEDGE1315 Ref C: 2024-01-28T06:12:54Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYP+2tx7rdqXRs1h3npJw==

Redirect headers

date: Sun, 28 Jan 2024 06:12:53 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 65F5951EB6244D1CB578ACB126422C3E Ref B: MIAEDGE1315 Ref C: 2024-01-28T06:12:53Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: /db_sync?pid=15927&puuid=CoIKSWW18GWxH%2BLwPUBQAg%3D%3D&us_privacy=&_rand=1706422373813.2&expected_cookie=757e7662-ef7b-4ed8-816c-97bda61f6fc9
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYP+2tv/CtIO1gMxc2Dpw==

GET
H2

204

21dd445f-53ea-410b-9287-9275ccc51e48
map.go.affec.tv/map/ttd/
Redirect Chain

https://map.go.affec.tv/map/3a/?pid=CoIKSWW18GWxH%2BLwPUBQAg%3D%3D&us_privacy=&ts=1706422373813.3
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65b5f065bc6e4100010bdaaf%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D65b5f065bc6e4100010bdaaf%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%25...
https://map.go.affec.tv/map/an/5294388161815131724?ch=65b5f065bc6e4100010bdaaf&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
https://map.go.affec.tv/map/ttd/21dd445f-53ea-410b-9287-9275ccc51e48?ttd_puid=&gdpr=0&gdpr_consent=

0
562 B

52ms
52ms

Image
text/plain

100.25.178.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://map.go.affec.tv/map/ttd/21dd445f-53ea-410b-9287-9275ccc51e48?ttd_puid=&gdpr=0&gdpr_consent=
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 100.25.178.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-178-23.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: gzip
vary: Accept-Encoding

Redirect headers

location: https://map.go.affec.tv/map/ttd/21dd445f-53ea-410b-9287-9275ccc51e48?ttd_puid=&gdpr=0&gdpr_consent=
date: Sun, 28 Jan 2024 06:12:54 GMT
server: Kestrel
content-length: 229

GET
H2

204

usermatch.gif
beacon.krxd.net/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSWW18GWxH%2BLwPUBQAg%3D%3D&us_privacy=&random=1706422373813.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fap...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSWW18GWxH%2BLwPUBQAg%3D%3D&us_privacy=&random=1706422373813.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.ne...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=779ed7a5-35a5-4b1a-95d2-4636b76203c3%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=21dd445f-53ea-410b-9287-9275ccc51e48&ttd_puid=779ed7a5-35a5-4b1a-95d2-4636b76203c3%2Chttps%253A%252F%252Fusermatch.krxd.n...
https://usermatch.krxd.net/um/v2?partner=tapad
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

0
338 B

169ms
52ms

Image
text/plain

18.214.41.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 18.214.41.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-41-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: beacon-n023-ash-prod.krxd.net
date: Sun, 28 Jan 2024 06:12:54 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1706422374
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date: Sun, 28 Jan 2024 06:12:54 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a007-ash-prod.krxd.net

GET
H2 204 /
dp2.33across.com/ps/ 0
68 B 178ms
57ms Image
text/plain 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dp2.33across.com/ps/?pid=1205&rand=1706422373813.5
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-105.static.steadfastdns.net
Software: 33XP013 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status: 208
date: Sun, 28 Jan 2024 06:12:53 GMT
server: 33XP013

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://dp1.33across.com/ps/?pid=669&uid=CoIKSWW18GWxH%2BLwPUBQAg%3D%3D&us_privacy=&random=1706422373813.7&pu=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212460214435093&seg_code=33x&random=1706422374
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212460214435093%26seg_code%3D33x%26random%3D1706422374

43 B
1 KB

63ms
62ms

Image
image/gif

68.67.161.208
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212460214435093%26seg_code%3D33x%26random%3D1706422374

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Server

68.67.161.208 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 06:12:54 GMT
an-x-request-uuid: 15f5123a-f569-4bfd-94b1-0d2fabfab2b5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.74; 38.132.118.74; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 06:12:54 GMT
an-x-request-uuid: a0356c8d-3779-43aa-a210-d16c0fa34b59
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212460214435093%26seg_code%3D33x%26random%3D1706422374
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.74; 38.132.118.74; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 840x120-jabrix.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 5 MB
5 MB 30ms
28ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/840x120-jabrix.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2ef8819c623f045339c8a2ffe8b442801765e1245b634c5bc8246b4fbd67a395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:53 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Nov 2023 17:22:29 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4858923
expires: Sun, 11 Feb 2024 09:12:08 GMT

GET
H2

200

/
bolo.treksantuy.xyz/ Frame 17A0
Redirect Chain

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg
https://bolo.treksantuy.xyz/

0
0

1068ms
1068ms

Image
text/html

2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Sun, 28 Jan 2024 06:12:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAyfPEDeByzah2hcV%2BksAYkEN8iu%2F%2BqocC6tBGHrs93K0Ue57xyCbGUCTQhS2I16Im%2FqFAMLdMvQpIwM29HAP5LgCmo%2Bl%2BqJrkgXEpTjLLpVxFwayOzLTqJCcK3nJcmQqzaYmhU%2BmDfM9vn8FFvL5A%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://bolo.treksantuy.xyz
cache-control: max-age=3600
cf-ray: 84c7161cbb992878-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 07:12:53 GMT

GET
H3 200 unnamed-1.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 205 KB
205 KB 112ms
97ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-1.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bfcef82755bac56e01032d196dc587e851fcfb9a2a1882c7e283b9ea451a17a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:46:35 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 210028
expires: Sun, 04 Feb 2024 18:20:03 GMT

GET
H3 200 unnamed-3.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 224 KB
225 KB 117ms
103ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-3.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7e78ac302ebdef9842d5c628cef762ed1ad4b9650dd4915810cbf3cdaa86010c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:48:07 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 229818
expires: Sun, 28 Jan 2024 13:01:09 GMT

GET
H3 200 unnamed-22.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 292 KB
292 KB 121ms
107ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-22.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d30f436b9752f07747f2b72cc77985554918de4f9b5e74c65271c89e3b1501b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:19:02 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 298675
expires: Thu, 22 Feb 2024 11:37:59 GMT

GET
H3 200 unnamed-5.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 362 KB
362 KB 130ms
115ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-5.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

87d3abed87820941c3f8f4d8cc01563a8ef74d7886c948b9b0da3e3929bfce92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:51:53 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 370255
expires: Mon, 29 Jan 2024 17:58:49 GMT

GET
H3 200 unnamed-6.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 507 KB
507 KB 139ms
124ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-6.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ac6002b55a7bc33de07da0fc1391dbd8b61598823a7768591aed4b0e4a5e421a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:53:48 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 519311
expires: Thu, 01 Feb 2024 13:36:16 GMT

GET
H3 200 unnamed-7.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 528 KB
529 KB 145ms
130ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-7.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

06710711e7517c22412aa923d472e9cce857b02605e4c0049cdc7edb666a132c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:55:47 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 541175
expires: Thu, 01 Feb 2024 12:45:20 GMT

GET
H3 200 unnamed-8.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 355 KB
356 KB 149ms
134ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-8.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6ee5599420176d6c73cb80505f7d287e527d903336f0cfb2348ace130fb7d6f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:57:28 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 363774
expires: Fri, 02 Feb 2024 21:18:28 GMT

GET
H3 200 unnamed-28.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 328 KB
328 KB 151ms
136ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-28.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8ac1e08581c5691d74fb1a69b925f400e14db93ddc9451db0b72456e4af3a2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:21:13 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 335785
expires: Mon, 12 Feb 2024 15:00:38 GMT

GET
H3 200 unnamed-27.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 289 KB
289 KB 152ms
136ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-27.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5cdf948f65cf951821da557dc5b8cc9067c64589070285feab8aa6f7c64657e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:18:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 295549
expires: Tue, 30 Jan 2024 10:59:57 GMT

GET
H3 200 unnamed-26.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 262 KB
263 KB 154ms
139ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-26.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dbd4ea5e26cff619ebe31130ce16126cdcaff265a697139b20c80a960954832f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:17:49 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 268554
expires: Fri, 16 Feb 2024 20:44:37 GMT

GET
H3 200 unnamed-24.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 228 KB
228 KB 162ms
147ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-24.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7e22819d3433cfdb5d3f848fee01b7cccc863970901de5efa3e80a7eadbd48c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:12:30 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 232980
expires: Wed, 21 Feb 2024 11:31:06 GMT

GET
H3 200 unnamed-25.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 693 KB
693 KB 170ms
155ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-25.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e31a5516051e3dcd6be48ada99dbf2d270db37dd3a304fded21e105f6c733bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:12:47 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 709526
expires: Wed, 06 Mar 2024 04:51:14 GMT

GET
H3 200 unnamed-29.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 193 KB
193 KB 179ms
164ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-29.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2388f1b8ef95668322254f1ae8523c148beceddccd6e239bd683281835e1180b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:21:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 197657
expires: Sun, 11 Feb 2024 20:03:03 GMT

GET
H3 200 unnamed.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 250 KB
250 KB 173ms
158ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5ce581a1bb3ae65bd553d034f9d5973dd8af7f856d2bd5efa095ed41cee7f949

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:44:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 256150
expires: Wed, 07 Feb 2024 10:36:03 GMT

GET
H3 200 unnamed-10.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 270 KB
270 KB 471ms
456ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-10.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9c5106cfc1835d6213c497eb31fd0b3f034a3630a33fd51ed1f020f370034b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:31:01 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 276544
expires: Sat, 03 Feb 2024 11:11:36 GMT

GET
H3 200 unnamed-11.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 247 KB
247 KB 256ms
241ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-11.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f564100347e9b3cc6448108ae2837d97eb49d3009154452879c4a146dd482183

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:32:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 252743
expires: Sun, 11 Feb 2024 14:05:02 GMT

GET
H3 200 unnamed-12.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 282 KB
283 KB 258ms
242ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-12.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

79980af9382b2ed28478d04a6b7e7119b4a3b4cf055978bf0bcf7fbe74a3136f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:33:50 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 289127
expires: Fri, 16 Feb 2024 22:13:10 GMT

GET
H3 200 unnamed-13.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 514 KB
514 KB 261ms
245ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-13.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dc887f124f649e95762713f34c6e7d8ef383571f6a354d916964732b1950664a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:34:55 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 526000
expires: Sun, 11 Feb 2024 01:50:47 GMT

GET
H3 200 unnamed-14.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 291 KB
291 KB 279ms
263ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-14.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

efb8d3fc8b90b38cbc75cb3f22e313a370f0eada11e7eba19e8047c6f60943dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:35:54 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 297540
expires: Tue, 06 Feb 2024 19:30:34 GMT

GET
H3 200 unnamed-9.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 194 KB
194 KB 290ms
273ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-9.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

42e792c4264f30663f715f0019025df6c67066e834c8c36298e9a96fdc8cd038

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:27:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 198395
expires: Mon, 12 Feb 2024 22:33:45 GMT

GET
H3 200 unnamed-15.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 388 KB
388 KB 294ms
277ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-15.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4111d0de448c0dbbb0dc170a0e580da1029ac1fe68de77d330b41ba1cbc4d0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:37:53 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 396918
expires: Tue, 06 Feb 2024 18:52:34 GMT

GET
H3 200 unnamed-16.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 326 KB
326 KB 298ms
280ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-16.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a6a3283156db24254aec7fe7b93f88ef8193a0b61d31056cb5bb210617dcd626

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:39:46 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 333383
expires: Sat, 03 Feb 2024 01:45:14 GMT

GET
H3 200 unnamed-17.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 312 KB
312 KB 310ms
292ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-17.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2689ac2a7453661922762dcd23b84bda4ef74a05c9c3740f817f411af2f6084c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:41:12 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 319266
expires: Wed, 07 Feb 2024 01:41:58 GMT

GET
H3 200 unnamed-18.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 188 KB
188 KB 310ms
293ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-18.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7380c39ec1fbcf6ff16ff145bd0ed5033c2b84b41270dae4b05a327a19ba9e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:42:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 192555
expires: Thu, 15 Feb 2024 04:32:14 GMT

GET
H3 200 unnamed-19.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 280 KB
281 KB 317ms
299ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-19.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da6d3195e96bfbfe1cecd660de92fe05a71437900b1dff539a9d6f5e45c28277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:43:23 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 286968
expires: Sat, 03 Feb 2024 06:43:58 GMT

GET
H3 200 unnamed-20.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 351 KB
352 KB 317ms
300ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-20.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0f1e4f7008ccffa6948dbcc9eb98f7356a0f3e7bbf0d87a77289820eaa8027e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:44:24 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 359746
expires: Wed, 14 Feb 2024 04:16:09 GMT

GET
H3 200 unnamed-21.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 17A0 265 KB
265 KB 328ms
311ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-21.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f7bc1b794480ca073b0a3ff2bdfdd6d5171458d2828ea18e4b80edb151f2289d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:45:42 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 271048
expires: Wed, 21 Feb 2024 00:38:41 GMT

GET
H/1.1 200
OK 4794504.gif
s4is.histats.com/stats/i/ Frame 17A0 1 KB
1 KB 246ms
100ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4794504.gif?4794504&103
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: 118de8cf537f918fddebc1a3e05e71080d7b4bf810fa9b1f21870de27c89ac69

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:55 GMT
Connection: close
ETag: -844068662
Content-Length: 1037
Content-Type: image/png

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ 5 KB
2 KB 256ms
70ms Script
text/javascript 54.192.51.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.51.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-51-122.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
date: Sun, 28 Jan 2024 06:10:25 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C2
age: 150
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: QgyVZ4tAEP8X6UbAQUcBa-O__qjMBnkrBz03aGasmaawe4os14Lv1A==

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 478B 2 KB
1 KB 52ms
51ms Document
text/html 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7621125106495434&stid=ZGAACWW18GUAAAAIZH1dAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 28 Jan 2024 06:12:53 GMT
Expires: Sun, 04 Feb 2024 06:12:53 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame 3EBD 19 KB
9 KB 56ms
55ms Script
text/javascript 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:53 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Sun, 04 Feb 2024 06:12:53 GMT

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame FFE3 438 B
675 B 61ms
61ms Script
application/javascript 52.15.236.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.15.236.209 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-236-209.us-east-2.compute.amazonaws.com

Software

Resource Hash

cd00638573fb85c0ab0273522a410e21d5118ee86f03a17f77713870adc6aa4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:54 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Content-Type: application/javascript

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame 3EBD
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=21dd445f-53ea-410b-9287-9275ccc51e48&gdpr=0&gdpr_consent=

42 B
297 B

255ms
61ms

Image
image/gif

3.130.132.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=21dd445f-53ea-410b-9287-9275ccc51e48&gdpr=0&gdpr_consent=

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

HTTP/1.1

Server

3.130.132.252 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-132-252.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:54 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGAACWW18GUAAAAIZH1dAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/ttd?uid=21dd445f-53ea-410b-9287-9275ccc51e48&gdpr=0&gdpr_consent=
date: Sun, 28 Jan 2024 06:12:54 GMT
server: Kestrel
content-length: 215

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame 3EBD
Redirect Chain

https://idsync.rlcdn.com/386076.gif?partner_uid=ZGAACWW18GUAAAAIZH1dAw%3D%3D&gdpr=0&gdpr_consent=
https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkdBQUNXVzE4R1VBQUFBSVpIMWRBdz09EAAaDQjm4NetBhIFCOgHEABCAEoA
https://pippio.com/api/sync?pid=5324&it=1&iv=155261f4bf81ddacf2466d2ab0ef9f162007d7fbd4cbc2275911741bf01686fc791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=155261f4bf81ddacf2466d2ab0ef9f162007d7fbd4cbc2275911741bf01686fc791426b5417dce21&rand=08376149

0
143 B

118ms
118ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=155261f4bf81ddacf2466d2ab0ef9f162007d7fbd4cbc2275911741bf01686fc791426b5417dce21&rand=08376149
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:53 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 44F5125EFAEE4BB29EF4BF4171EAF7F5 Ref B: MIAEDGE1315 Ref C: 2024-01-28T06:12:54Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYP+2t3OX4I1VCL54KDIg==

Redirect headers

date: Sun, 28 Jan 2024 06:12:54 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=155261f4bf81ddacf2466d2ab0ef9f162007d7fbd4cbc2275911741bf01686fc791426b5417dce21&rand=08376149
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame 3EBD
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2cx_oltPw_p74cU4BVQ57xI3y0lAoEAUEGTfyW1HK5XE&gdpr=0&gdpr_consent=

42 B
297 B

213ms
61ms

Image
image/gif

3.130.132.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2cx_oltPw_p74cU4BVQ57xI3y0lAoEAUEGTfyW1HK5XE&gdpr=0&gdpr_consent=

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

HTTP/1.1

Server

3.130.132.252 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-132-252.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:54 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGAACWW18GUAAAAIZH1dAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2cx_oltPw_p74cU4BVQ57xI3y0lAoEAUEGTfyW1HK5XE&gdpr=0&gdpr_consent=
Date: Sun, 28 Jan 2024 06:12:54 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

csync.ashx
ml314.com/ Frame 3EBD
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGAACWW18GUAAAAIZH1dAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3641664108781109264
https://ml314.com/csync.ashx?fp=959ae8c3259c196c83144ad33a14b7d1c68ab1d2802c9e696964219314216936f4cb09cee1a4f8eb&person_id=3641664108781109264&eid=50082

43 B
124 B

66ms
65ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=959ae8c3259c196c83144ad33a14b7d1c68ab1d2802c9e696964219314216936f4cb09cee1a4f8eb&person_id=3641664108781109264&eid=50082
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Mon, 29 Jan 2024 06:12:54 GMT
date: Sun, 28 Jan 2024 06:12:54 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

Redirect headers

date: Sun, 28 Jan 2024 06:12:54 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=959ae8c3259c196c83144ad33a14b7d1c68ab1d2802c9e696964219314216936f4cb09cee1a4f8eb&person_id=3641664108781109264&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame 3EBD
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZGAACWW18GUAAAAIZH1dAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

42 B
297 B

61ms
61ms

Image
image/gif

3.130.132.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

HTTP/1.1

Server

3.130.132.252 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-132-252.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGAACWW18GUAAAAIZH1dAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date: Sun, 28 Jan 2024 06:12:59 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ Frame FFE3 51 KB
16 KB 99ms
30ms Script
application/javascript 23.34.194.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.34.194.26 Miami, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-34-194-26.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 28 Jan 2024 06:12:54 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Sun, 04 Feb 2024 06:12:54 GMT

GET
H3 200 email-decode.min.js Show response
king.laskar2d.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 17A0 1 KB
1 KB 45ms
30ms Script
application/javascript 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://king.laskar2d.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Jan 2024 10:32:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b38a27-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJ4VuQhH1E2gjPuLRgyfERhIiPrp8LyNOFGfqIc9CzGlU1gJevf8cQVF30IyE3MfCbS0dR%2BmhOAPiYVUR9eaRDfGgwYZ3XOD5fZQB5kbMeZ3t27lDJ3Fl8gDsOyOeuhKGiLiM5se0FnYmMPzKI784g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84c71622e9713dcd-MIA
expires: Tue, 30 Jan 2024 06:12:54 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
king.laskar2d.xyz/wp-includes/js/dist/vendor/ Frame 17A0 8 KB
3 KB 670ms
654ms Script
application/javascript 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2023 23:16:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxCyrlUCczCOTllwcXYnI%2FqJBIyPtqC6zdS3F4CpLL9ehVA8%2BAvgJwIRsNRE5tWiKegzwKv01Mbw83Ww%2BOm4mJVZC29Ka3N6EJ%2F4Ca9h%2FqlsTk4LPD5vVVLYmyvxwbX6PPY1nB71GRhWyv05ZtR4cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c71622e9743dcd-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 04 Feb 2024 06:12:54 GMT

GET
H3 200 regenerator-runtime.min.js Show response
king.laskar2d.xyz/wp-includes/js/dist/vendor/ Frame 17A0 6 KB
3 KB 679ms
663ms Script
application/javascript 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 21:21:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0Gv0D%2FxsPY8%2Fgx8iMvy6fAMSfH6SYhOmXT1VH2P%2B%2FsMfloJcRX1bcQPTgNB9t2TdzYdMUAIYDsnBmxpdZW4sHeGIhRnIglF718YzTjw%2BPYamDJ2uTxXsbkaP9Wa%2BiJedoK%2BPpqg%2FIg3dZtodKYxMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c71622e9783dcd-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 04 Feb 2024 06:12:54 GMT

GET
H3 200 wp-polyfill.min.js Show response
king.laskar2d.xyz/wp-includes/js/dist/vendor/ Frame 17A0 112 KB
36 KB 1035ms
1019ms Script
application/javascript 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 21:21:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qx8uGNpdIls8JXVf5usgr%2B0yScTcxparloReNcSrUiEx34SOKIn1ptCB9hzQwvh6iNv3AOk%2BpXIWCV51oHuJQWAQHt9O3FZI%2F6BqEXuMT7ItaKcfYE9QFmBkizwZd9pN0n4f9Fkr4685E6YMXevdfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c71622e9793dcd-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 04 Feb 2024 06:12:54 GMT

GET
H3 200 frontend.js Show response
king.laskar2d.xyz/wp-content/plugins/sidebar-login/build/ Frame 17A0 4 KB
2 KB 676ms
661ms Script
application/javascript 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSH9SaaJmHF%2Bm9%2FcgsPp4if81bxHrEGIS0hezqXQ%2BpoycB5Ypw2qkakMn495t5GjimWQys3%2BpMzV%2BfPLme3bTC7cdvZyyL6cUNQOchzYRhraGX5q4VGXQU3OjXxJ3tYCQ4LygjflmUlLIC5CSoPGyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c71622e97a3dcd-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 04 Feb 2024 06:12:54 GMT

GET
H2

200

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
336 B

55ms
54ms

Fetch
application/json

3.211.54.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 3.211.54.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-54-87.compute-1.amazonaws.com
Software: /
Resource Hash: 98857c12df908b8cfcdb70f4e1e9fb8bcf84267837dba3d4427b8b1f888ac196

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://sky.pasukanantidepo.shop
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

Redirect headers

location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
access-control-allow-origin: https://sky.pasukanantidepo.shop
date: Sun, 28 Jan 2024 06:12:54 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT

GET 59574
stags.bluekai.com/site/ Frame 3992 0
0

GET
H3 200 style.min.css
bolo.treksantuy.xyz/wp-includes/css/dist/block-library/ Frame 0881 107 KB
15 KB 64ms
63ms Stylesheet
text/css 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 23:50:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 145107
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yn3UvdeC%2BZdUsI5ypPlZuzPK6H5K8PH%2BfGsvwZLRctvUBAJGh3SEEZRX9CQXOtRJcQlXGGgdYZlBMpwpcg0eA%2BO7gQPO7SB03LUau%2F4HU%2B7RKt%2BGX44hdsQt7yKIlEwPkMoa32rQpzrYk%2BvXNYlA3Ena"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c716205d8e8daf-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 02 Feb 2024 13:54:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0881 9 KB
1 KB 171ms
62ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 06:10:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Jan 2024 06:12:54 GMT

GET
H3 200 genericons.css
bolo.treksantuy.xyz/wp-content/themes/frontier/includes/genericons/ Frame 0881 28 KB
16 KB 36ms
34ms Stylesheet
text/css 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.3
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 07:26:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 145107
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUI0IwBLHThjPAyyns2jrLVufbYjw40s2Iw500BRyu1cy%2BrGVUJ%2BaWV5v%2BzhCHoW%2Bb2Kgw8lKQZUW%2FKhkBWmEJUsE38jhjy9Pxjk%2Fm%2Fd1DYT8fGxgOpKsrQUFzNQeeIgJ%2BHxKkPrd4H%2Bl1g4ht%2FcSC99"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c716205d8f8daf-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 02 Feb 2024 13:54:26 GMT

GET
H3 200 style.css
bolo.treksantuy.xyz/wp-content/themes/frontier/ Frame 0881 22 KB
6 KB 65ms
63ms Stylesheet
text/css 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-content/themes/frontier/style.css?ver=1.3.3
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7261ac909063abccd2f148d068599ffff4a1b14efaef9d4d6811346195f5fe9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 17 Dec 2023 14:16:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 74644
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VI%2Fxw5GYJ7PjmKyCBWq1fA5qKlVnDBEzqLsazMS8Pv2ukQUybSMbrHdldIKizD%2FP6yrnNjcBEskow%2FrCpNqedugqCwGF0KC37HAplULppwz8e1gB340GtgYUOLCgSluifn5W2HAcBcGmpoAjd8mqWVek"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c716205d908daf-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Feb 2024 09:28:49 GMT

GET
H3 200 jquery.min.js Show response
bolo.treksantuy.xyz/wp-includes/js/jquery/ Frame 0881 86 KB
31 KB 91ms
90ms Script
application/javascript 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 23:50:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 145107
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RmKcy8T7bZLvYTMh2F45uWcfUzRIiJ97uE%2FVTsQWTXM40tnFSuzZphDt1zj7sTUpjOn0Wa1NdDxuqURUZRXkUygctY5IFsxTLMk08cf%2FUZrCw5mw3u2qNKOEMMSbTP4UJNxQQqQlkjX%2Boz8qZM8X4Jb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c716205d918daf-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 02 Feb 2024 13:54:26 GMT

GET
H3 200 jquery-migrate.min.js Show response
bolo.treksantuy.xyz/wp-includes/js/jquery/ Frame 0881 13 KB
5 KB 92ms
91ms Script
application/javascript 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 10:08:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 583566
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FW8PpFJbiDFtwDcRVSjbBoin8x0mngazxgAb9u2e%2BE%2B%2BJVHj4t0zICz1OMe%2BEhO4vtbiumadZQ0mr5DYKmNq3kt6Q3q9fmKC%2ByZui5nz0XpdMC1k3zdh8%2FQcUZ48D%2FFqYJ8oqlPCOus1JHAUkWi0AAe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c716205d928daf-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 12:06:48 GMT

GET
H3 200 wlatogel88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame 0881 2 MB
2 MB 29ms
28ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/wlatogel88-728x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

574c654adc51059882c66279ee0d42eb585735d5a2bc8cb010f1e91eb04e483f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:30 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1592720
expires: Tue, 27 Feb 2024 02:39:36 GMT

GET
H3 200 kaisartoto88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame 0881 1 MB
1 MB 30ms
29ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/kaisartoto88-728x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

217bcf44778fff8fe41a593c79e0c86edd524460f7618f12e132566d17fd5b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:51 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1415984
expires: Thu, 15 Feb 2024 03:37:55 GMT

GET
H3 200 indolottery88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame 0881 1 MB
1 MB 32ms
29ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/indolottery88-728x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a67688ddcf966aaf218b1f154d3830ad065e23ef063d71b4f96436ab9a717a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1417070
expires: Tue, 27 Feb 2024 00:44:14 GMT

GET
H3 200 dunialottery88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame 0881 997 KB
998 KB 41ms
37ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/dunialottery88-728x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fa7337e4bc30dd3db3861c272a32f98911b0bbf1a60557e0f124ba2713f35fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:57 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1021153
expires: Fri, 23 Feb 2024 22:10:23 GMT

GET
H3 200 7meter_gif-banner_prediksi_728x90.gif
antoboomerblog.files.wordpress.com/2023/12/ Frame 0881 120 KB
120 KB 58ms
55ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/12/7meter_gif-banner_prediksi_728x90.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d80f6523545dad74a52c6afbc2db2210fa1418e86cdf000233c482e199ed8b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Dec 2023 05:00:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 122788
expires: Wed, 31 Jan 2024 23:20:36 GMT

GET
H3 200 728.gif
bolo.treksantuy.xyz/wp-content/uploads/2024/01/ Frame 0881 4 MB
4 MB 37ms
34ms Image
image/gif 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/wp-content/uploads/2024/01/728.gif
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d771c7db362c1697c04dbb3e24720ad5ef4c73f75daaeedc4e1b1fe640509bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 401403
alt-svc: h3=":443"; ma=86400
content-length: 4392563
last-modified: Tue, 23 Jan 2024 11:02:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfwrBXm3L%2BtsLu%2FHUpah3zI9yej9xvbfvjoMVhhxvZoJNhMFO256RhtDqbNuJ07MzXCocgVJUtrHZqQUqT%2BcPfIAx7UMeN4KQd9PCLgPzi08GmPCBrgshM6%2BCCQ%2B75xSH3b%2B6vxgBNNWg8qmz2DwTGI9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84c716217e4c8daf-MIA
expires: Tue, 30 Jan 2024 14:42:50 GMT

GET
H2 200 close.gif
4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/ Frame 0881 2 KB
3 KB 74ms
71ms Image
image/gif 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/close.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

82a61040198394ed6f9e59a3b5131bca0af02f194a690b977ea9b244d9897f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
server: fife
etag: "v744"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="close.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:54 GMT

GET
H3 200 indoboss6d728x90.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame 0881 2 MB
2 MB 58ms
56ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/indoboss6d728x90.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

776bf55e5c196430c0d9bb394fdc8a37ea7a55b6e3044ae8c0815d4a3bcc542f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:38:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2431527
expires: Fri, 09 Feb 2024 02:21:29 GMT

GET
H3 200 microtogel88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame 0881 2 MB
2 MB 81ms
80ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/microtogel88-728x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3e6701810a770c2cdb7710c43056f6c2422cf8c30653dd1ab209bcff5a4548e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:38:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2505021
expires: Mon, 12 Feb 2024 04:46:55 GMT

GET
BLOB 200
OK d8e60c7f-8c3f-4542-b41f-e72946c129f4
https://bolo.treksantuy.xyz/ Frame 0881 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bolo.treksantuy.xyz/d8e60c7f-8c3f-4542-b41f-e72946c129f4
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2

403

ZdO9uN
momen.tm/ Frame 0881
Redirect Chain

https://treksantuy.asia/wp-content/themes/frontier/images/honeycomb.png
https://momen.tm/ZdO9uN

0
0

332ms
100ms

Image
text/html

52.21.33.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://momen.tm/ZdO9uN
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Server: 52.21.33.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: us-ip-1.short.io
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Sun, 28 Jan 2024 06:12:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04BQa0Y7Y76wMHTeWD861l%2Fayg8%2FQXhRE2QpvGOgKyc26y18OauLeE3FNaNFD0E0ZikQ29lTtMlXDm1BpR49Ojh5KDrra1%2FFL0u8cC7LpVo2Pdkp42lcf%2FacFdcnzrPVblo43TEuu3AnkNC6Q1w%3D"}],"group":"cf-nel","max_age":604800}
location: https://momen.tm/ZdO9uN
cache-control: max-age=3600
cf-ray: 84c716220dd17418-MIA
expires: Sun, 28 Jan 2024 07:12:54 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 0881 50 KB
51 KB 161ms
53ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bolo.treksantuy.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:05:05 GMT
x-content-type-options: nosniff
age: 68869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Jan 2025 11:05:05 GMT

GET
H2

200

result.php Show response
wget.angkapaito.net/ Frame 0738
Redirect Chain

https://widget.angkapaito.net/result.php
https://wget.angkapaito.net/result.php

5 KB
764 B

91ms
76ms

Document
text/html

2606:4700:3037::6815:605a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wget.angkapaito.net/result.php
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:605a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7151ca0d77e0125fe9a89dfae59d7dcdb36527ffb391715de9380635d0cf73

Request headers

Referer: https://bolo.treksantuy.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84c716230ba65c64-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 06:12:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvQ4an9NBmuUuR2nyl0Zk%2B%2BoFSfZateveS3kMT6iG66PzeQFd1A7TqfOh4eoHDTOhpgic0XIUAtate9xcdFbMTKO9ThvL6YMLpGlin5qZcnVYQw66kZfqINGVu6bRJ002IF2Q2iom14VXJuBpRJSuRqC"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84c716225a545c64-MIA
content-type: text/html
date: Sun, 28 Jan 2024 06:12:54 GMT
location: https://wget.angkapaito.net/result.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JU5BCPNh9zCvBL7Do4Wb%2B4I0meNM2yV0QSggTnUgNSCZ31GgL%2FSDesWBUVvbdjwZRFuJ3pQjBI1ASNG8eZS9tsImNtUJU6LusI4HRfc%2FgbQ7k398M6TythmzpYrOZaZH%2FL4CEWnjaKIXISDeHYWyCzVs7qM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

/
bolo.treksantuy.xyz/ Frame 0881
Redirect Chain

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg
https://bolo.treksantuy.xyz/

49 KB
49 KB

1155ms
1154ms

Image
text/html

2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDfDGmRLRKsKrCV2hBPvVcmvdHb%2FCoYUqmOXEexkl3%2BxsCg5W9d8%2Fx%2BRGtuKiTFzzppUZvWkfCRkcdU4R8pU1MpX17Q5dAIhAqJ5yX8Ef3rXs2FBwVZ%2BLqJDHFmkq9KGK8ZKckmn3SGH47ZQzX9iPybd"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-turbo-charged-by: LiteSpeed
cf-ray: 84c716228ee58daf-MIA
link: <https://bolo.treksantuy.xyz/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 28 Jan 2024 06:12:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LohmLC5cHvqdpIJwiAQdW2z7m06liyfiWm5lEADEwuq7qkXQLYBiGDxhOxejmtkk7x6u6a8nlM0MSvWNfwhDJhg721EN2daGumP4WyjWe97dGA0J9PyTuQohvh%2F%2BCBu2LmbA1OHry8UcCwQ2CBm1OA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://bolo.treksantuy.xyz
cache-control: max-age=3600
cf-ray: 84c716224c64335e-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 07:12:54 GMT

GET
H3 200 hknalo-729x90-1.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame 0881 105 KB
106 KB 52ms
47ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/hknalo-729x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

daf9a29faaa9b5a3a465f3f5048a5c4a2737ca8a1af1c4e746fddbc8f9910968

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Oct 2023 12:50:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 107905
expires: Sat, 17 Feb 2024 16:16:44 GMT

GET
H3 200 new-bandarnalo.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame 0881 100 KB
101 KB 162ms
157ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/new-bandarnalo.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fffe2bbb1e6c64b3540176029b620af1fcbbc30861c94299b895760b80cd7357

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Oct 2023 12:37:19 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 102622
expires: Mon, 05 Feb 2024 20:52:18 GMT

GET
H3 200 paitowarna.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame 0881 156 KB
156 KB 65ms
60ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/paitowarna.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8a68e4e1e0faf5cec1082b25b95f4d820985fda95177b826e7c16a70f5afae19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Oct 2023 12:35:44 GMT
server: nginx
x-orig-src: 0_mogiad
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 159643
expires: Sat, 24 Feb 2024 06:07:08 GMT

GET
H3 200 729x90-animated-1.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame 0881 327 KB
327 KB 72ms
67ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/729x90-animated-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e3778a72114f13a5b18b9d25df758bfbf0d55bf442ba5c9007b96593d959b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 22 Oct 2023 12:16:32 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 335048
expires: Sat, 17 Feb 2024 06:28:12 GMT

GET
H3 200 729x90_agennalo.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame 0881 327 KB
327 KB 78ms
72ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/729x90_agennalo.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f017d1630a163790465f348b29d4721facb1d4353e695dd730b869e28e4bcd3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Oct 2023 19:28:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 334612
expires: Sun, 18 Feb 2024 07:31:59 GMT

GET
H3 200 840x120-jabrix.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 0881 5 MB
5 MB 80ms
74ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/840x120-jabrix.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2ef8819c623f045339c8a2ffe8b442801765e1245b634c5bc8246b4fbd67a395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Nov 2023 17:22:29 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4858923
expires: Sun, 11 Feb 2024 09:12:08 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 0881 11 KB
5 KB 48ms
39ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 72046
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84c7162259bc25af-MIA
content-length: 4547

GET
H3 200 jquery.modal.css
bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/css/ Frame 0881 823 B
831 B 483ms
477ms Stylesheet
text/css 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 07:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 145107
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2wWBTcFRWG%2F6%2FBnM8ktVdqz3Wvtw0o1NsnoHXgRwLXAyZGOdjSZm5m8Y5%2FQUCXKxwu3VgKPtGKWjgDZdtwbj1b0Tw%2Buzy7rE%2Fj6UuOpu3ugDDABWnHwwJQU6%2FsoW%2F6BiIUF1joEU9%2F%2FDjTWrckZ%2FRDd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c716225ec08daf-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 02 Feb 2024 13:54:26 GMT

GET
H/1.1 200
OK 4789234.gif
s4is.histats.com/stats/i/ Frame 0881 1 KB
1 KB 245ms
82ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4789234.gif?4789234&103
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: a901faf466eb18d0507011a76611e62d27823c2739d7c858ad731f48e839dff2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:54 GMT
Connection: close
ETag: -49959983
Content-Length: 1296
Content-Type: image/png

GET
H3 200 ibetwin_gif_400x400.gif
antoboomerblog.files.wordpress.com/2023/12/ Frame 0881 1 MB
1 MB 110ms
103ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/12/ibetwin_gif_400x400.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

730412109bc24c266a27e4c2248182c8952c1ec999199851413a1779cd7d0ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Dec 2023 05:13:14 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1280443
expires: Sun, 25 Feb 2024 17:56:21 GMT

GET
H3 200 popups.css
bolo.treksantuy.xyz/wp-content/plugins/uji-popup/css/ Frame 0881 2 KB
1 KB 483ms
477ms Stylesheet
text/css 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/css/popups.css?ver=1.0
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 07:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 145107
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FR80TXZwINUpbT1FzdndPMZMdoO4a5pIQUJvMwrvh5%2FfdFmHAZIExK9mq%2FDMSzy8cWJ%2Bq6kXs%2BaCluMAbuIl%2Bqgtuh%2BUcWzx96IbT%2F%2BL4EoM%2FDa5tVQrVsEm0VjfcnGY4KbAJIoTieeWP%2B1n2DDCHrLB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c716225ec18daf-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 02 Feb 2024 13:54:26 GMT

GET
H3 200 email-decode.min.js Show response
bolo.treksantuy.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 0881 1 KB
1 KB 483ms
477ms Script
application/javascript 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolo.treksantuy.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Jan 2024 10:32:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b38a27-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MuOYCNyF%2FmJiY1iJKFAPjyNmkjXT3%2Fn0q2MtG%2FmSgFE65wQ7b1lNbjGKSbH6ehXzpti1zu%2Fp8DJ0zNZ2oY3zzyD%2BFl7U3TQrx2Xy1l4S1Nwh1%2BCV%2FEjYZ24twbiYU60%2Baep5sFj8JSK%2F%2FRpIie2dvUR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84c716225ec28daf-MIA
expires: Tue, 30 Jan 2024 06:12:54 GMT

GET
H3 200 jquery.modal.min.js Show response
bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/ Frame 0881 4 KB
2 KB 484ms
477ms Script
application/javascript 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/jquery.modal.min.js?ver=0.5.5
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 07:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 604346
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCkcfz5FO5rJ3dPutkPLObi%2FZ793lK%2Bi%2FZQJbpQBjC%2BZhvZCC%2FVcG5TtdDaL%2Fub9aaMoWaq95FJCmoMg7G2MKu8AfLdiLSlTq95kakt0KMSTef8DReINNGiM7WMNwESzC2sDPZuNkgoamfois%2FH%2Fblmk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c716225ec38daf-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 06:20:28 GMT

GET
H3 200 popups.js Show response
bolo.treksantuy.xyz/wp-content/plugins/uji-popup/js/ Frame 0881 2 KB
1 KB 484ms
478ms Script
application/javascript 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/js/popups.js?ver=1.1
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 07:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 604344
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAu3Kx0PwDfWCy%2FpsiI9bj63%2FOJjGdQ4TlkRZapNb8Mh2b20feD5ep%2F70wodM9Cjg249KYaJGv5NDjIEg39QZv3e%2FGhVT1I7cDMwjWAwAyUioxuvh2dV%2F5%2FZbEY8L7V%2BiLyq581mMFG%2FPRzWIromYYag"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c716225ec48daf-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 06:20:30 GMT

GET
H2 200 / Show response
v1.prediktorangka.xyz/ Frame E81C 121 KB
20 KB 552ms
462ms Document
text/html 2606:4700:3036::6815:3d6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.prediktorangka.xyz/
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47673d5aabc799bac8fff9c6aee465537302fbf6a5869c4217ae0fd299714077

Request headers

Referer: https://bolo.treksantuy.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 84c7162308e1748a-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 06:12:55 GMT
expires: Sun, 28 Jan 2024 06:12:55 GMT
link: <https://v1.prediktorangka.xyz/wp-json/>; rel="https://api.w.org/" <https://v1.prediktorangka.xyz/wp-json/wp/v2/pages/16>; rel="alternate"; type="application/json" <https://v1.prediktorangka.xyz/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNuFoYntzAtoopv89qnJtEGAp37ZSSypjYur7YusVs2wZsyx38V7tQJGCfc2070IAanlaSP0nlxgTNvEiKFSfoPdEUSBt5734mSScnJnbFN2QMdKSnzedXhMFsn9qU6LZe1DlYAlAxu4SY9RmqzZ9C6FcUQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H/1.1 200
OK 4789234.php Show response
s4.histats.com/stats/ Frame 0881 438 B
573 B 273ms
130ms Script
text/html 149.56.240.131
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4789234.php?4789234&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mTREK%20SANTUY%20%E2%80%93%20ANTO%20BOOMER&@n0&@ohttps%3A%2F%2Fsky.pasukanantidepo.shop%2F&@q0&@r0&@s432&@ten-US&@u1600&@b1:22363172&@b3:1706422375&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fbolo.treksantuy.xyz%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534299.ip-149-56-240.net
Software: /
Resource Hash: 2911350b34b9b288c262ef237130911ee9eb84833e6e3d271a1559bf1e86c4fc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:55 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H3

200

result.php Show response
wget.angkapaito.net/ Frame EB27
Redirect Chain

https://widget.angkapaito.net/result.php
https://wget.angkapaito.net/result.php

5 KB
967 B

145ms
140ms

Document
text/html

2606:4700:3037::ac43:b044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wget.angkapaito.net/result.php
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7151ca0d77e0125fe9a89dfae59d7dcdb36527ffb391715de9380635d0cf73

Request headers

Referer: https://king.laskar2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84c716238c9d498a-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 06:12:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zbHCGPUmjvM5rXpkTwioEDMEGhnZ%2BtGuLeMDWGsxDaATULiDBCW%2B3MzcvJ%2BxiXq9w%2FzdRBtvf6k3D0THSYhfqx6Mwbpj9HxxA%2BBlhiwz6F6hVQwNBjtokSaXSBvA5vJFM%2BKbqaFMWWY3ZiO6UeOOrk9"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84c716230ba35c64-MIA
content-type: text/html
date: Sun, 28 Jan 2024 06:12:54 GMT
location: https://wget.angkapaito.net/result.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsVs5pP%2FJc0NAYTKg86w7t%2FveRdO65EdGP1K0JaPAttscD6%2B2WRYLuvHp9ixW7YRgBjOBbXK40XsFoq9xO92J%2BxfwN1dvB7dWk6Jfr3xU8unyykLS%2BFiuBDSYC7IoNsk2%2BVDm%2BiLtxuNokFIrCYzQaqTcmI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 17A0 11 KB
4 KB 151ms
128ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 72046
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84c716230aa125af-MIA
content-length: 4547

GET
DATA 200
OK truncated
/ Frame 17A0 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
markas-prediktor.info/ Frame A771 114 KB
26 KB 1256ms
375ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/8.1.27

Resource Hash

59249b78d3ce44e4356aa987b9e0b837ff3255fd635730eb75b8294dbafb17a3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://king.laskar2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 06:12:55 GMT
link: <https://markas-prediktor.info/wp-json/>; rel="https://api.w.org/" <https://markas-prediktor.info/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://markas-prediktor.info/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ 43 B
178 B 241ms
119ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IEL0ASZHXTLlTGISRgSRbBX9
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 06:12:55 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 cc_432.js Show response
s10.histats.com/counters/ Frame 0881 18 KB
7 KB 44ms
37ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_432.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60753d7fdcfbff1bc5de6cfa1b1d7c4041e32257bebaa6459843f9e6e5dbe302

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 18084
etag: "1507603602"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84c716247c6625af-MIA
content-length: 7502

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 0881 7 KB
4 KB 130ms
125ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4789234.php?4789234&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mTREK%20SANTUY%20%E2%80%93%20ANTO%20BOOMER&@n0&@ohttps%3A%2F%2Fsky.pasukanantidepo.shop%2F&@q0&@r0&@s432&@ten-US&@u1600&@b1:22363172&@b3:1706422375&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fbolo.treksantuy.xyz%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3015b454eba4cc362de0ec1a16108624208981aca6c0eb84ceacceddbbb93c4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
x-t: 0.282
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhyBo6V1gMlqgOunR6KqGNYL6POyEvWE1TIRfy1qJ2uB%2Bsw%2Fd%2BwK5JcPgN6Ld1I1vDeVZI%2B3GbfZ7VP6sQAuU2%2BkhWAKTvwHzV84TEYsn19MoXclEEE%2BcrmC%2FasqZRGtco1CBEA3tA0psGw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 84c7162479d73376-MIA
expires: Sun, 28 Jan 2024 06:12:54 GMT

GET
H/1.1 200
OK 4794504.php Show response
s4.histats.com/stats/ Frame 17A0 434 B
569 B 441ms
63ms Script
text/html 149.56.240.131
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4794504.php?4794504&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLASKAR2D%20%E2%80%93%20PREDIKSI%20ANGKA%20TOP%20LASKAR2D%20HARI%20INI&@n0&@ohttps%3A%2F%2Fsky.pasukanantidepo.shop%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:47448640&@b3:1706422375&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fking.laskar2d.xyz%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534299.ip-149-56-240.net
Software: /
Resource Hash: 113c26ae750bcb91910ea9713f6d68189afee52c5a73669d1c3c5b977be02cad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:55 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 0881 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: add3315d7a7bb82510756eb8828798744b2613a242d9388a73acc0b67b9101a9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 0881 58 KB
18 KB 100ms
83ms Script
text/javascript 13.225.195.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-59.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:47:37 GMT
content-encoding: gzip
via: 1.1 90afcdb26518f969b68e124515efb74c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 19519
etag: W/"eb52f900499b46d1088df97dad487c73"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: sqaUjOXoC_WmRvgicENtMMMht2V3OdVQsthp9pyb1IXWIU8J2vQ8Pw==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 0881 0
466 B 108ms
93ms Script
application/javascript 2606:4700:20::ac43:4aba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=1040170642237250578C5E26DACD5E6F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fbolo.treksantuy.xyz%2F&r=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
x-t: 19.4
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrTiyJ19T4IpzdCsbrKBKLJhm94FtwDcQ%2FnRV3iwueLFHeAQhEEoYXCMkH5OusiRGoIi7kIqOCqgWYp9qp9USPuTn3AtLxt7llv7nQHuxOJmaXTdCwz8vttWIiPXl1QHjtQ43lYAKqnQAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 84c716256a3b8dba-MIA
expires: Sun, 28 Jan 2024 06:13:28 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 0881 33 KB
11 KB 95ms
80ms Script
text/javascript 13.225.195.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-127.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
date: Sat, 27 Jan 2024 11:30:37 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 67339
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: AwfpBK5Zkhsq32h9mzpTpHoE6Y-jbHljDOf6iVtchIUAv_8-gVy3YQ==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 0881 2 KB
3 KB 72ms
63ms Script
application/javascript 52.15.236.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.15.236.209 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-236-209.us-east-2.compute.amazonaws.com

Software

Resource Hash

c2744159aabad669e4581c889ad963af5e4ece5f383f7b56571bcc737c07eb2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 0881 51 B
336 B 124ms
110ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=bolo.treksantuy.xyz&_ss=xmdvfvb8dr&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=3rps&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f411642419857380d101881b9ac0df988e4f296332601e27b9b0ded054d2291

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
x-t: 0.167
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGjBDpq2Zm4XNTwCPnFmXBFhYOJrcbbQM0LrlLyaYY%2Bv97heeQjcroOmUJhc%2F2iYLBq35lWE0m7iHwxtzrFkV9XrHhW5kCFTbTjGKDk0sgVtn6FhNEqD7RI9aDTrkrwKkqB5X8OPbVlZYdg%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84c716256a8a3376-MIA
expires: Sun, 28 Jan 2024 06:12:54 GMT

GET
H2

200

33141
tags.bluekai.com/site/ Frame 0881
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=1040170642237250578C5E26DACD5E6F
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=b0d4de54d60b388e

62 B
427 B

4037ms
142ms

Image
image/gif

23.220.132.230

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=b0d4de54d60b388e
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Server: 23.220.132.230 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 28 Jan 2024 06:12:59 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=b0d4de54d60b388e
content-length: 0

GET
H3 200 wp-emoji-release.min.js Show response
bolo.treksantuy.xyz/wp-includes/js/ Frame 0881 18 KB
5 KB 40ms
38ms Script
application/javascript 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 07:26:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 56333
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lk1lpRNufSA6DZAn6Gc6mbG7I1MiDw7zuSh4zVGB2ApUPqGOb3VG0sI0ZycHbLh%2FGNMRB85nVTdhyy%2Bu%2BQVRyBVpEffkk7tq6gKc0UZoAAyzkO4fJ%2FTi4hTBS4OBYBn7N5Uc7h44gutaA1HSiYwcADaH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c7162588ce8daf-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Feb 2024 14:34:02 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 0881 2 KB
2 KB 53ms
52ms Script
application/javascript 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9912021622453686&stid=ZGAACWW18GUAAAAIZH1dAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 28 Jan 2024 07:12:55 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 0881 42 B
265 B 61ms
61ms Image
image/gif 52.15.236.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&event_source=dtscout&rnd=0.9912021622453686&exptid=ZGAACWW18GUAAAAIZH1dAw%3D%3D&fcmp=false

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.15.236.209 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-236-209.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 1f534.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 0881 113 B
424 B 90ms
26ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f534.svg

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

93f28a18a1df638b539f6bde99c048a50ad7b8a5643c6966a0546a0c50f7cace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 28 Jan 2024 06:12:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 113
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 0881 50 B
463 B 88ms
83ms Fetch
application/json 54.192.51.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.51.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-51-72.yul62.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 14:34:55 GMT
via: 1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront), 1.1 ac1cb1fdb7cf3984f94f9f190169eb3a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, YUL62-C2
age: 56280
x-amzn-requestid: 42ecdfa8-135f-4665-bdc9-b052e4d2c379
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SNAmZFseCYcEibA=
content-length: 50
x-amz-cf-id: QUaB-el-P5zNzl9Bilqu3HT0N44lcdSfd5L3zXKAX5RZpu0cdyfnPw==

GET
H2 200 style.min.css
v1.prediktorangka.xyz/wp-includes/css/dist/block-library/ Frame E81C 107 KB
15 KB 43ms
40ms Stylesheet
text/css 2606:4700:3036::6815:3d6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.prediktorangka.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 05:08:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 192198
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0BZUisgsI0ERF0H%2Bsd41E6IZor2s9luSBunkj8solTJPWJlfqTbLcgsyIMQci4%2FMc0YKnU1Syyvh%2FR%2BbQXBAC%2BxpVflhJZMWNPYSSFEy30X2UkL7aMZ4saLF31N%2BG5okdYJlzo5ZGSvydk78Ilw10Saw7E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 84c716267bf8748a-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 Jan 2025 03:47:43 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E81C 9 KB
919 B 64ms
62ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2

Requested by

Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 06:00:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Jan 2024 06:12:55 GMT

GET
H2 200 genericons.css
v1.prediktorangka.xyz/wp-content/themes/frontier/includes/genericons/ Frame E81C 28 KB
16 KB 40ms
38ms Stylesheet
text/css 2606:4700:3036::6815:3d6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.prediktorangka.xyz/wp-content/themes/frontier/includes/genericons/genericons.css?ver=6.4.2
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 05:23:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 440284
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axw0ZsC2fSgx1P8sPlrbYJf55JpExgRs6xbly8R6K6vkYfXKJ9O2BUqm2R1Rwv2T8O4cTJ30J5gbosbofYEfcSCSMh%2FC7EO42Up3%2FLtNHZ7HluKByyt%2FY3TeGdMpHcmMIaEOUNEiOYxLS%2BQkcl%2FkidEX8Qg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 84c716267bfc748a-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 Jan 2025 03:47:43 GMT

GET
H2 200 style.css
v1.prediktorangka.xyz/wp-content/themes/frontier/ Frame E81C 22 KB
6 KB 43ms
41ms Stylesheet
text/css 2606:4700:3036::6815:3d6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.prediktorangka.xyz/wp-content/themes/frontier/style.css?ver=6.4.2
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 652c463da97d1e1f7f3c31bfb81e978632c13a944bd78180979dbf5dd4e0b0a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Jul 2023 14:08:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 440285
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FayW7L4RjFGKoEEf%2FBj1uHZTpPx80GYgbusHOHeLQCTAnVk3BY1RUMKLeHUnvTZtwh%2BCSNSJI%2B6v%2FnIuoE8j8%2F9L3rwJg8xZqWO1qw2vMLkxKbS%2BGrGnrbwog2j15MSr8PMxBH14eWOHvArwF7EOJPOl6q0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 84c716267bfe748a-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 Jan 2025 03:47:43 GMT

GET
H2 200 responsive.css
v1.prediktorangka.xyz/wp-content/themes/frontier/ Frame E81C 3 KB
1 KB 42ms
41ms Stylesheet
text/css 2606:4700:3036::6815:3d6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.prediktorangka.xyz/wp-content/themes/frontier/responsive.css?ver=6.4.2
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 05:23:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4485
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtgM9raLLzIGkpIkNdMW7ypNMinHbWQ7qk0w%2Bhae%2BckL%2FlHbmhw2IXCPQ7XoPZhqsMo0noeUB8ib%2BBxDW9JDExJ4xBUoe3Knkrihym9oPkr0edrXoVTyAowGV05VLlLS4vqUbPM%2Fr%2F8wdicKYXnk%2FI19SMo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 84c716267c00748a-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 Jan 2025 03:47:43 GMT

GET
H2 200 jquery.min.js Show response
v1.prediktorangka.xyz/wp-includes/js/jquery/ Frame E81C 86 KB
31 KB 47ms
46ms Script
application/javascript 2606:4700:3036::6815:3d6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.prediktorangka.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 05:08:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 440284
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpPJcI7bWdajIqERIbppkqGdwewhlvzPWcM7dSvtWKeyk%2B9JF7MNTldEioWs4f6WQmv3OrYJt7evir0FLYZ7KAhLE0ZNNuEwiW7jZ5sKWpYkieyitFv%2Boa%2FawQyzbet7HDznKWSi%2F6MsqYVdvPaiDMG2%2BV4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 84c716267c01748a-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 Jan 2025 03:47:43 GMT

GET
H2 200 jquery-migrate.min.js Show response
v1.prediktorangka.xyz/wp-includes/js/jquery/ Frame E81C 13 KB
5 KB 43ms
42ms Script
application/javascript 2606:4700:3036::6815:3d6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.prediktorangka.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Aug 2023 05:09:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 440285
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXt1rGasgCApl8iXWW0pKR5foExJmCm5rGxamsQXXq3z88IdFEOiL0ZOZAws1htPXfoi%2FrCU8j8BtWvsmB3yx13H9FfXCYO5TGRfRYTf292XAbxLwsaoSQ19Ks3WgiomUt31ncSoohunV%2FYhXP%2Bj80WAOes%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 84c716267c03748a-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 Jan 2025 03:46:44 GMT

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame F90A 0
0 323ms
156ms Document
text/plain 3.161.213.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=92335
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-66.yul62.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 28 Jan 2024 06:12:55 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 a6f2e7c3dd76750ec70d32e7fcf09838.cloudfront.net (CloudFront)
x-amz-cf-id: _WP0IGAxUsZkcCyDBP8hWlwjgMcaVESPK4rV7Mtd_TYrG3uHhb_0Ig==
x-amz-cf-pop: YUL62-P1
x-cache: Miss from cloudfront

GET
BLOB 200
OK 3c69e64c-e3c9-4eae-8877-90b6db27231d
https://v1.prediktorangka.xyz/ Frame E81C 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://v1.prediktorangka.xyz/3c69e64c-e3c9-4eae-8877-90b6db27231d
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 96CF 2 KB
1 KB 55ms
51ms Document
text/html 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9912021622453686&stid=ZGAACWW18GUAAAAIZH1dAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://bolo.treksantuy.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 28 Jan 2024 06:12:55 GMT
Expires: Sun, 04 Feb 2024 06:12:55 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame 1E47 19 KB
9 KB 59ms
58ms Script
text/javascript 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:55 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Sun, 04 Feb 2024 06:12:55 GMT

GET
H3 200 close.png
bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/css/ Frame 0881 4 KB
5 KB 236ms
236ms Image
image/png 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/css/close.png
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 177128
alt-svc: h3=":443"; ma=86400
content-length: 4393
last-modified: Thu, 13 Jul 2023 07:26:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSqxN7wKVnrJeJxMZMK8m%2FcMMYKTUODwur6j0dDr1tNtpQtQ04SA38maI7Z3MsDSs0YQ1cthA0Z7Zed46fTgLJctBBbC4d7kFXOJnC0a27wGMJTYpUMW2TA4Ack3Ify7SIyxH3BnLihuaRu%2BA%2Ba%2B1cEk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84c716274a038daf-MIA
expires: Fri, 02 Feb 2024 05:00:45 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 0881 5 KB
2 KB 78ms
77ms Script
text/javascript 54.192.51.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.51.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-51-122.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
date: Sun, 28 Jan 2024 06:10:25 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C2
age: 151
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: ygM_AfgqSlvUT_5VyEPwsYr-g32qn9-sXImtdGP3zuBpgXyfpFQHJw==

GET
H2 200 dewapokernew.gif
dolarpro.files.wordpress.com/2024/01/ Frame E81C 560 KB
561 KB 43ms
27ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dolarpro.files.wordpress.com/2024/01/dewapokernew.gif

Requested by

Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e0ff626d853e4ead8a67b5b6f21954d700a99d240fac512dd8625edc19534d32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Jan 2024 04:08:56 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://dolarpro.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 573942
expires: Thu, 08 Feb 2024 19:19:06 GMT

GET
H2 200 antarbet.gif
dolarpro.files.wordpress.com/2023/11/ Frame E81C 404 KB
404 KB 45ms
29ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dolarpro.files.wordpress.com/2023/11/antarbet.gif

Requested by

Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4f322fbeab1b9d9238f3b1b83d5c7b47d63c0211f10dbe02620ba5c65e8eb5f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 10:40:39 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://dolarpro.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 413419
expires: Tue, 27 Feb 2024 07:02:34 GMT

GET
H2 200 jquery.dataTables.min.css
cdn.datatables.net/1.10.19/css/ Frame E81C 14 KB
2 KB 423ms
35ms Stylesheet
text/css 2606:4700:10::ac43:e8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.19/css/jquery.dataTables.min.css

Requested by

Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e8b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

618d62ceaca1223e16de2c8939a1963a95c34b0ac75852f835f93e5b42f20871

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1940559
content-length: 2109
last-modified: Tue, 17 Jul 2018 10:18:26 GMT
server: cloudflare
etag: "1121ccf-364c-5712f444e19c2-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84c71629ec4131ef-MIA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sat, 04 Jan 2025 19:10:16 GMT

GET
H3 200 space-banner.gif
v1.prediktorangka.xyz/wp-content/uploads/2023/04/ Frame E81C 236 KB
237 KB 44ms
41ms Image
image/gif 2606:4700:3036::6815:3d6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v1.prediktorangka.xyz/wp-content/uploads/2023/04/space-banner.gif
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3237c5ab8d2ff9f2cce7ba4052f4aa626fa2e868d9f66ecde527edce232a3d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 439100
alt-svc: h3=":443"; ma=86400
content-length: 242042
last-modified: Mon, 24 Apr 2023 19:12:52 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wZoMsKE6Rq%2Fj67NbwMU3I0AAbuNs8aybEHix7VODauD2B3YL8y447CPRBB2RPuymdIREj3PvqtHqfv%2FC3ZeZqWVh4tF8oLKzCHU%2BH8nSYUn62I9SuQDCYpTcmQIez0G8X3%2Fi6tw3MNdEhtKCumhMfPuulg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84c71627886867d4-MIA
expires: Wed, 22 May 2024 03:47:45 GMT

GET
H2 200 wetontoto.gif
dolarpro.files.wordpress.com/2024/01/ Frame E81C 3 MB
3 MB 41ms
28ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dolarpro.files.wordpress.com/2024/01/wetontoto.gif

Requested by

Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7120798bd821aad18f1b7c5dbf402f92bf9460ace6dc08655c6f9d327484f88b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Jan 2024 06:46:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://dolarpro.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2882120
expires: Sun, 04 Feb 2024 06:24:29 GMT

GET
H2 200 romobett.gif
dolarpro.files.wordpress.com/2023/11/ Frame E81C 2 MB
2 MB 40ms
27ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dolarpro.files.wordpress.com/2023/11/romobett.gif

Requested by

Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cabd6c6e2ce478bc6a9344f5f75f501bbf6b7ba8fd54d7487e7a09279f3a34d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 10:42:53 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://dolarpro.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1595918
expires: Wed, 31 Jan 2024 02:20:16 GMT

GET
H2 200 dewatogel.gif
adsbaner.files.wordpress.com/2023/11/ Frame E81C 241 KB
242 KB 102ms
35ms Image
image/gif 192.0.72.18
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adsbaner.files.wordpress.com/2023/11/dewatogel.gif

Requested by

Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.18 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dc9354ae446f83517107e9d7002f8d4686d0109bddd630ee1bf5750504a3714a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 18 np
date: Sun, 28 Jan 2024 06:12:55 GMT
x-content-type-options: nosniff
last-modified: Sat, 11 Nov 2023 04:52:36 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://adsbaner.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 247093
expires: Tue, 06 Feb 2024 21:42:16 GMT

GET
H2 200 bolagila.gif
dolarpro.files.wordpress.com/2024/01/ Frame E81C 160 KB
160 KB 42ms
30ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dolarpro.files.wordpress.com/2024/01/bolagila.gif

Requested by

Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

eb88f6616421886b52eb182ffc54db023dc3e0b076576378da5e22df7788669b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Jan 2024 03:55:44 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://dolarpro.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 163581
expires: Mon, 05 Feb 2024 12:04:29 GMT

GET
H2 200 win4d.webp
dolarpro.files.wordpress.com/2023/11/ Frame E81C 755 KB
756 KB 41ms
29ms Image
image/webp 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dolarpro.files.wordpress.com/2023/11/win4d.webp

Requested by

Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

65c2849166f779b2b5c16440a7f16a2dbe1b86a5a030b6185cb46b92705dc732

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 30 Nov 2023 06:04:11 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/webp
access-control-allow-origin: https://dolarpro.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 772932
expires: Fri, 09 Feb 2024 18:39:08 GMT

GET
H3 200 toto88.gif
dolarpro.files.wordpress.com/2023/11/ Frame E81C 2 MB
2 MB 346ms
316ms Image
image/gif 192.0.72.22
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dolarpro.files.wordpress.com/2023/11/toto88.gif

Requested by

Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

627a1a84ba0a2fc04202a87bdc32be2fb26820f613775ba684856484e007b4c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 22 np
date: Sun, 28 Jan 2024 06:12:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 30 Nov 2023 06:04:18 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://dolarpro.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2355350
expires: Wed, 07 Feb 2024 08:09:04 GMT

GET
H2 200 igamble.gif
adsbaner.files.wordpress.com/2023/11/ Frame E81C 89 KB
90 KB 153ms
88ms Image
image/gif 192.0.72.18
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adsbaner.files.wordpress.com/2023/11/igamble.gif

Requested by

Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.18 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fe369aa1004409e05f5184452df947217f15250a2350d34ef5961981ceee17b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 18 np
date: Sun, 28 Jan 2024 06:12:55 GMT
x-content-type-options: nosniff
last-modified: Sat, 11 Nov 2023 04:52:39 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://adsbaner.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 91585
expires: Thu, 01 Feb 2024 22:06:14 GMT

GET
H3 200 Prediktor-Predaktor-Jitu.gif
v1.prediktorangka.xyz/wp-content/uploads/2023/04/ Frame E81C 391 KB
391 KB 637ms
634ms Image
image/gif 2606:4700:3036::6815:3d6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v1.prediktorangka.xyz/wp-content/uploads/2023/04/Prediktor-Predaktor-Jitu.gif
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e267f31b517666122236197871cd2076698dcc0818f9f811722a0ac6d3ad2552

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 439101
alt-svc: h3=":443"; ma=86400
content-length: 400097
last-modified: Mon, 24 Apr 2023 18:34:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJauYMSR%2FRWDGC0I5mJob2gdfA9N5K0nOwddgYlodniFLUu8uBJMwsyVikpIKQyCP0qP1jVkxFcGBjkF66t2GEfA1f0WfO93nEGjbfdUzj0LniVwHnWDboC9UK12Jo8zVoz3vtiKou9giEGEa%2Fro9x0pvVU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84c71627886967d4-MIA
expires: Wed, 22 May 2024 03:47:45 GMT

GET
H2 200 jquery-3.3.1.js Show response
code.jquery.com/ Frame E81C 265 KB
79 KB 437ms
26ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.js
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 11620173
x-cache: HIT, HIT
content-length: 80268
x-served-by: cache-lga21980-LGA, cache-mia-kmia1760074-MIA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1706422376.012467,VS0,VE0
etag: W/"28feccc0-42587"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 42, 7432

GET
H2 200 jquery.dataTables.min.js Show response
cdn.datatables.net/1.10.20/js/ Frame E81C 82 KB
28 KB 418ms
36ms Script
application/javascript 2606:4700:10::ac43:e8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.20/js/jquery.dataTables.min.js

Requested by

Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e8b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f871fee6fdc802e757bb0453f141c299717af2cd28eeed56012892ce28f1ef4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5182551
content-length: 28862
last-modified: Mon, 06 Nov 2023 12:01:10 GMT
server: cloudflare
etag: "112045f-14961-6097a9c2668f8-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84c71629ec4231ef-MIA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 28 Nov 2024 06:37:03 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame E81C 50 KB
50 KB 63ms
60ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://v1.prediktorangka.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:05:05 GMT
x-content-type-options: nosniff
age: 68870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Jan 2025 11:05:05 GMT

GET
H2 200 P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v29/ Frame E81C 20 KB
20 KB 140ms
137ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://v1.prediktorangka.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:18:35 GMT
x-content-type-options: nosniff
age: 68060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20040
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:51:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Jan 2025 11:18:35 GMT

GET
DATA 200
OK truncated
/ Frame E81C 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://bolo.treksantuy.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H/1.1 200
OK 4599561.gif
s4is.histats.com/stats/i/ Frame E81C 1 KB
2 KB 226ms
71ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4599561.gif?4599561&103
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: 9897213de7aacf723ae4372872a710aecdb0c31fe8a4bb1af9e75ce6b677895f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:55 GMT
Connection: close
ETag: 355783692
Content-Length: 1490
Content-Type: image/png

GET
H3 200 email-decode.min.js Show response
v1.prediktorangka.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame E81C 1 KB
1 KB 1101ms
1100ms Script
application/javascript 2606:4700:3036::6815:3d6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v1.prediktorangka.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:3d6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Jan 2024 10:32:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b38a27-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avoQflJBR7SJpHv%2FI9KUM1qyTqrDhu2%2BSJgdbWUXdvS5hxvvuUxDmB9kP88TU1R%2B2PMdlfSVE3ZA5CWeFD3oczMLZM50RfgTyiy%2BxHy0Og%2F%2BPUqG5w0OmJCNok%2BLXniBagdTvwG8BUggefRR8wZdPVor%2B4w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84c71627b88d67d4-MIA
expires: Tue, 30 Jan 2024 06:12:55 GMT

GET
H3 200 jquery.modal.css
v1.prediktorangka.xyz/wp-content/plugins/uji-popup/modal/css/ Frame E81C 823 B
839 B 1100ms
1098ms Stylesheet
text/css 2606:4700:3036::6815:3d6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.prediktorangka.xyz/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 05:20:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 439100
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BYbz2FS0eQE%2Ft50Qez5jVHhqwj3TRn1izyexTxD1vYv2sJr2bB%2BIcdZchWH%2BgRR75IGAmmKc5UT1rPW3xMvMg7yzVdPBl4tQrIp0UYT7BF68ET%2BHba4nYOK2z2m%2BObvm3gYAFUPzKwOahH3B%2FeFV2FNoH4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 84c71627b89167d4-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 Jan 2025 03:47:45 GMT

GET
H3 200 popups.css
v1.prediktorangka.xyz/wp-content/plugins/uji-popup/css/ Frame E81C 2 KB
1 KB 1101ms
1098ms Stylesheet
text/css 2606:4700:3036::6815:3d6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.prediktorangka.xyz/wp-content/plugins/uji-popup/css/popups.css?ver=1.0
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 05:20:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 170051
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBcvaAcbwP7d9nhddGR5H%2BUX8VmU6bgkVhjvKxiA0txLN%2Flk6uVg%2BrTGI%2FfgNs%2F5th%2B5pXnwpQsiEWnwYTBhf0nzgiqXJX2uNH%2FAlGzv96t5z2eC9fvMJ9%2BUE8CytaWjqbsZT6Y2vZBgNvsu1CuNYOVVuuo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 84c71627b89467d4-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 Jan 2025 03:47:45 GMT

GET
H3 200 jquery.modal.min.js Show response
v1.prediktorangka.xyz/wp-content/plugins/uji-popup/modal/ Frame E81C 4 KB
2 KB 1101ms
1098ms Script
application/javascript 2606:4700:3036::6815:3d6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.prediktorangka.xyz/wp-content/plugins/uji-popup/modal/jquery.modal.min.js?ver=0.5.5
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 05:20:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 439098
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTEVBq3iR1nrCeRQ3PEVyQ5W9y7YlxB8WZk1LFctPFAgelZyN7kHnCMXLf7mAiu9r7%2BO21rbN6dC7VRS%2FSeBNaCl9AuRTULAbhHSwR%2F3k5LheoTdunJkAlRl2jRvXwNv1NrjLzvohoTY1u54lFiWhlovBps%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 84c71627b89567d4-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 Jan 2025 03:47:45 GMT

GET
H3 200 popups.js Show response
v1.prediktorangka.xyz/wp-content/plugins/uji-popup/js/ Frame E81C 2 KB
1 KB 1117ms
1114ms Script
application/javascript 2606:4700:3036::6815:3d6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.prediktorangka.xyz/wp-content/plugins/uji-popup/js/popups.js?ver=1.1
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 05:20:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 439098
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9rkzEFKtiJRkCOcttjCViSfHebqBhWoxUZp2q7S%2F%2BeqMnUvXax8lj6vrC6POB%2BBwszfwyaf2U4MePuPzOQ%2FKKz5lXD1DYqtFD2UGhz7giudPdLnBA%2FkECsbONUjIw01F5TiOCc5BGpUj3CaeIm6LFX1S9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 84c71627b89667d4-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 Jan 2025 03:46:56 GMT

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame 17A0 16 KB
6 KB 149ms
148ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 65728
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84c71627d85025af-MIA
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 17A0 7 KB
3 KB 131ms
130ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fking.laskar2d.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4794504.php?4794504&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLASKAR2D%20%E2%80%93%20PREDIKSI%20ANGKA%20TOP%20LASKAR2D%20HARI%20INI&@n0&@ohttps%3A%2F%2Fsky.pasukanantidepo.shop%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:47448640&@b3:1706422375&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fking.laskar2d.xyz%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96974bf81a3309711a809ce3c78f7ba01590e8273d610a23c4ec3d72314ab647

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
x-t: 0.257
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6JNgvU%2BSjjXn6ozF%2F4gZlml%2F99dVM%2BCW%2FWOH5fxyn9MYDPodUYK%2FVWDtT5Nm2S%2FXtcDRTQxZaraI9Bah7zF8nb2iwd4sAyRwh1oo2c9x0iZHqbHqHY7YQYKb37B3Gd9S0ze0MTp44ZKSiI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 84c71627dc9e3376-MIA
expires: Sun, 28 Jan 2024 06:12:54 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 1E47 0
289 B 55ms
54ms Image
text/plain 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGAACWW18GUAAAAIZH1dAw%253D%253D&tt=t.dhj&dhjLcy=1706422375450&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=sky.pasukanantidepo.shop&pn=%2F&qs=na&cc=US&cont=NA&evid=aTxsO1YAA1FHwTyFjYJN&urls=&rnd=1706422375644&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=94

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 06:12:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 28 Jan 2024 06:12:55 GMT

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 0881 41 B
333 B 58ms
57ms Fetch
application/json 3.211.54.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.54.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-54-87.compute-1.amazonaws.com
Software: /
Resource Hash: 98857c12df908b8cfcdb70f4e1e9fb8bcf84267837dba3d4427b8b1f888ac196

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://bolo.treksantuy.xyz
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 17A0 58 KB
18 KB 93ms
90ms Script
text/javascript 13.225.195.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fking.laskar2d.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-59.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:47:37 GMT
content-encoding: gzip
via: 1.1 90afcdb26518f969b68e124515efb74c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 19519
etag: W/"eb52f900499b46d1088df97dad487c73"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 2LtGpQ0qO3ZyYNRSwELafEFlcif0WHdWjRryBGmphVPZsFGCIfnIXw==

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 17A0
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=1040170642237250578C5E26DACD5E6F
https://spl.zeotap.com/?zdid=1332&zcluid=7155e997ad8662f2
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=353d3f62-6796-438a-78e2-9e9b625d882d&reqId=b277d339-abbf-4a38-5aee-07540e994e3b&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEDmLTojAEI2WNag2en-a7Nk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=353d3f62-6796-438a-78e2-9e9b625d882d&reqId=b277d339-abbf-4a38-5aee-075...

95 B
165 B

150ms
144ms

Image
image/png

2606:4700:10::ac43:28ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?google_gid=CAESEDmLTojAEI2WNag2en-a7Nk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=353d3f62-6796-438a-78e2-9e9b625d882d&reqId=b277d339-abbf-4a38-5aee-07540e994e3b&zcluid=7155e997ad8662f2&zdid=1332

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Server

2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://king.laskar2d.xyz
access-control-allow-credentials: true
cf-ray: 84c7162bae1d67da-MIA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 06:12:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEDmLTojAEI2WNag2en-a7Nk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=353d3f62-6796-438a-78e2-9e9b625d882d&reqId=b277d339-abbf-4a38-5aee-07540e994e3b&zcluid=7155e997ad8662f2&zdid=1332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 17A0 0
451 B 91ms
87ms Script
application/javascript 2606:4700:20::ac43:4aba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=1040170642237250578C5E26DACD5E6F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fking.laskar2d.xyz%2F&r=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fking.laskar2d.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
x-t: 1.11
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=addaxRuunlD8i0D3YLe1gp7yIVoLg66%2B6gKnYMM%2FH7fhlj4dW%2Fjy%2BFHHQTCnuW5juJyT2%2FuFBiXVRk%2B8xvAYqTo7%2FHVu%2Fx1fVeWgnD5aBPFIiyl9FpB0Ehb6yiMClQe1a2JT0ROy0Sc6xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 84c716290d4a8dba-MIA
expires: Sun, 28 Jan 2024 06:10:34 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 17A0 33 KB
11 KB 391ms
385ms Script
text/javascript 13.225.195.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fking.laskar2d.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-127.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
date: Sat, 27 Jan 2024 11:30:37 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 67340
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: D2aVWT8fNBLVWiiGPjOGuXPWfhoWrj5aCRvs8bK-Eg0jY7yA99rFyQ==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 17A0 2 KB
3 KB 344ms
341ms Script
application/javascript 52.15.236.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fking.laskar2d.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.15.236.209 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-236-209.us-east-2.compute.amazonaws.com

Software

Resource Hash

c2744159aabad669e4581c889ad963af5e4ece5f383f7b56571bcc737c07eb2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:56 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 17A0 51 B
432 B 126ms
120ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=king.laskar2d.xyz&_ss=1k7lrjo7qv&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=68oy&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fking.laskar2d.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74683c31bb42dd97ef6dc15b39077002ee2743440ea539e8cbc01a4f43c9c3ca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
x-t: 0.129
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HxLzKUwR2mUB%2FvwLug%2Bm0CIgSri8%2FnXsBJjikJMSNTY3yHi2C2bRTC8y15Ai%2F%2BIbxhfnsgmx8l3otqjMXQZm5iWF4SBWyEFqukiXLEv%2FKr7duztLXDRf6xQ7MTbqnuvXjjvG4he%2FD4WEVA%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84c71628fda73376-MIA
expires: Sun, 28 Jan 2024 06:12:54 GMT

GET
H2

200

sync
pippio.com/api/
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IEL0ASZHXTLlTGISRgSRbBX9&rnd=29995
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IEL0ASZHXTLlTGISRgSRbBX9&rnd=29995&_li_chk=true&previous_uuid=1aa618d14548452c9fe0a29cf17233fc
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8233015085601279756
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=1aa618d1-4548-452c-9fe0-a29cf17233fc
https://p.rfihub.com/cm?pub=39342&in=1&userid=d861f7ba-777c-427e-bda3-d66fa0f036a9%3A1706422376.7564077&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd861f7ba-777c-427e...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2810035095662728572&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd861f7...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d861f7ba-777c-427e-bda3-d66fa0f036a9%3A1706422376.7564077&pid=500040&it=1&iv=d861f7ba-777c-427e-bda3-d66fa0f036a9%3A1706422376.7564077&_=170...
https://pippio.com/api/sync?it=1&pid=500040&_=1706422376.7588913&iv=d861f7ba-777c-427e-bda3-d66fa0f036a9:1706422376.7564077

42 B
193 B

257ms
255ms

Image
image/gif

107.178.254.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&_=1706422376.7588913&iv=d861f7ba-777c-427e-bda3-d66fa0f036a9:1706422376.7564077
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&_=1706422376.7588913&iv=d861f7ba-777c-427e-bda3-d66fa0f036a9:1706422376.7564077
Date: Sun, 28 Jan 2024 06:12:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H3 200 wp-emoji-release.min.js Show response
king.laskar2d.xyz/wp-includes/js/ Frame 17A0 18 KB
5 KB 1629ms
1628ms Script
application/javascript 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Feb 2023 12:53:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FK0v5vQ30Jn2sS9NeY99AK3qyR0Tv4GXoYr738rXkBAEDD3qtzP9Izd3wHIVOs11rZFruySmR5J3wVHO3he8W532esqmM2lAPHfC1RBy4mJHu%2BaY45E69DsgTWNce2WRLX%2FpLqbbY6KiDN5pOeFXSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84c7162adfa33dcd-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 04 Feb 2024 06:12:56 GMT

GET
H2 200 style.min.css
markas-prediktor.info/wp-includes/css/dist/block-library/ Frame A771 107 KB
13 KB 551ms
550ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13607
expires: Sun, 04 Feb 2024 06:12:56 GMT

GET
DATA 200
OK truncated
/ Frame 17A0 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame E81C 11 KB
5 KB 37ms
37ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 72048
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84c7162b4c7425af-MIA
content-length: 4547

GET
BLOB 200
OK 7f457a04-f87a-4deb-b362-b0569848ca60
https://markas-prediktor.info/ Frame A771 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://markas-prediktor.info/7f457a04-f87a-4deb-b362-b0569848ca60
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 17A0 2 KB
2 KB 52ms
51ms Script
application/javascript 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.966068705675817&stid=ZGAACWW18GUAAAAIZH1dAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 28 Jan 2024 07:12:56 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 17A0 42 B
265 B 63ms
61ms Image
image/gif 52.15.236.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&event_source=dtscout&rnd=0.966068705675817&exptid=ZGAACWW18GUAAAAIZH1dAw%3D%3D&fcmp=false

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.15.236.209 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-236-209.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:56 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 17A0 50 B
453 B 124ms
122ms Fetch
application/json 54.192.51.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.51.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-51-72.yul62.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
via: 1.1 acb5e0138f17ffe7929a4d64a50c4a24.cloudfront.net (CloudFront), 1.1 ac1cb1fdb7cf3984f94f9f190169eb3a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1, YUL62-C2
x-amzn-requestid: d4120a6d-70e0-4d70-a0e2-2c5213579374
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SPKAWGJVCYcEtiQ=
content-length: 50
x-amz-cf-id: b3Yb46wId73NbzPW5X98ls86IC6XxDqDXgd8tMse69cpvolWeeyCbA==

GET
H/1.1 200
OK 4599561.php Show response
s4.histats.com/stats/ Frame E81C 439 B
574 B 130ms
71ms Script
text/html 149.56.240.131
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4599561.php?4599561&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKTOR%20ANGKA%20TOP%20JITU%20HK%20SDY%20SGP&@n0&@ohttps%3A%2F%2Fbolo.treksantuy.xyz%2F&@q0&@r0&@s102&@ten-US&@u1600&@b1:-145541290&@b3:1706422376&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fv1.prediktorangka.xyz%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534299.ip-149-56-240.net
Software: /
Resource Hash: 6f99eb912d0974e3eb866a918bfce5fa7ceef19041bed5a4d1163a2af05e22c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:56 GMT
Connection: close
Content-Length: 439
Content-Type: text/html;charset=UTF-8

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 0881 43 B
177 B 61ms
60ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IEL0ASZHXTLlTGISRgSRbBX9
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 06:12:56 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 1BB7 2 KB
1 KB 51ms
50ms Document
text/html 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.966068705675817&stid=ZGAACWW18GUAAAAIZH1dAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://king.laskar2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 28 Jan 2024 06:12:56 GMT
Expires: Sun, 04 Feb 2024 06:12:56 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 cc_102.js Show response
s10.histats.com/counters/ Frame E81C 19 KB
9 KB 38ms
37ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_102.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a56bb8abe848444bfd0e0ed1bb7a52310059e447c1c505955e682679e19f451

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:38 GMT
server: cloudflare
age: 64149
etag: "863687319"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84c7162cce8b25af-MIA
content-length: 9020

GET
H2 200 / Show response
e.dtscout.com/e/ Frame E81C 7 KB
4 KB 126ms
125ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fv1.prediktorangka.xyz%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4599561.php?4599561&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKTOR%20ANGKA%20TOP%20JITU%20HK%20SDY%20SGP&@n0&@ohttps%3A%2F%2Fbolo.treksantuy.xyz%2F&@q0&@r0&@s102&@ten-US&@u1600&@b1:-145541290&@b3:1706422376&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fv1.prediktorangka.xyz%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54b138ffe626e047f27a44f52c77da85672cd12c7fc53a79f900559c85164de2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
x-t: 0.276
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHUzWxTqn3RwzHszSpmf%2BNR5ONNHmTO3r1%2Fzp307GFjPkCEGdNBYlbGSpqK%2BDhb%2FdG7L0cb6YoYMMuYXxu5hWaYUSzzx1IgLV1Ftiitk8eRMqVi7G3O6UzSw1pNsGsbQLR19WLumdaDXwjo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 84c7162cc9d43376-MIA
expires: Sun, 28 Jan 2024 06:12:55 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame 7F43 19 KB
9 KB 56ms
56ms Script
text/javascript 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:56 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Sun, 04 Feb 2024 06:12:56 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 17A0 5 KB
2 KB 73ms
68ms Script
text/javascript 54.192.51.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.51.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-51-122.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
date: Sun, 28 Jan 2024 06:10:25 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C2
age: 152
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: MmcbqtseJ17nmphYrQWOe-H6EGBY5tyoFV90oiYoxdGO_DSQ7NmVrg==

GET
H2 200 cwp.css
markas-prediktor.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame A771 227 B
285 B 342ms
337ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Sun, 04 Feb 2024 06:12:56 GMT

GET
H2 200 sidebar-login.css
markas-prediktor.info/wp-content/plugins/sidebar-login/build/ Frame A771 2 KB
388 B 343ms
339ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Sun, 04 Feb 2024 06:12:56 GMT

GET
H2 200 style.css
markas-prediktor.info/wp-content/themes/asteroid/ Frame A771 28 KB
8 KB 342ms
338ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Sun, 04 Feb 2024 06:12:56 GMT

GET
H2 200 jquery.min.js Show response
markas-prediktor.info/wp-includes/js/jquery/ Frame A771 86 KB
29 KB 331ms
327ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Sun, 04 Feb 2024 06:12:56 GMT

GET
H2 200 jquery-migrate.min.js Show response
markas-prediktor.info/wp-includes/js/jquery/ Frame A771 13 KB
5 KB 342ms
337ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Sun, 04 Feb 2024 06:12:56 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame A771 157 KB
26 KB 89ms
26ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://markas-prediktor.info/
Origin: https://markas-prediktor.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 Jan 2024 06:12:56 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1487901
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760088-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame A771 30 KB
7 KB 98ms
35ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6477989
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84c7162d7ffb9ae6-MIA
cdn-requestpullsuccess: True

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame A771 21 KB
8 KB 96ms
34ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://markas-prediktor.info/
Origin: https://markas-prediktor.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 Jan 2024 06:12:56 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4668501
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760088-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame A771 62 KB
16 KB 96ms
35ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://markas-prediktor.info/
Origin: https://markas-prediktor.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 Jan 2024 06:12:56 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5116566
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760088-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame A771 258 KB
258 KB 449ms
337ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:56 GMT

GET
H2 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame A771 4 MB
4 MB 375ms
263ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:56 GMT

GET
H2 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame A771 53 KB
53 KB 367ms
355ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame A771 652 KB
653 KB 388ms
377ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame A771 397 KB
397 KB 387ms
376ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame A771 443 KB
443 KB 647ms
637ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame A771 829 KB
830 KB 367ms
357ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame A771 736 KB
737 KB 774ms
764ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 energi%20toto%203.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcd_6SbNQ99XT55xk6HragvTgvW3NLi-I_7bHLaun0Ag0vc_7f1bgivGIuKkd6pUcJ0WsvtZ_yJPnZKqHNO2sI20DsMdXzIwHnIZqYKNp_O6Z2ZkJh5JRTkAg_6udkPzJ-nYkiCtHYRXeedER6... Frame A771 459 KB
459 KB 366ms
356ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcd_6SbNQ99XT55xk6HragvTgvW3NLi-I_7bHLaun0Ag0vc_7f1bgivGIuKkd6pUcJ0WsvtZ_yJPnZKqHNO2sI20DsMdXzIwHnIZqYKNp_O6Z2ZkJh5JRTkAg_6udkPzJ-nYkiCtHYRXeedER6chXzrDKr06HgvsVO7K0-ZhM7DrwlizaBFP5Rlyb9oYU/s480/energi%20toto%203.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

859fc224dfddea3a5015809ea2d6f46bd8510f039046c3c158f7c018d8f5fbab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="energi toto 3.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469976
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 gas%20toto%203.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8o2khkyJmyjeKKryUtVWCD8NYEFirgx7mWmm39piLZL0Vcbqm3XpPhtT6YhFT0sLJsuOgzSUtn86hOSSDru6sdPskLiucWb220oM-vIBTmE6jCFOsHo3xl0UwIql1KLV8IEg7sa3ULv11gzHc... Frame A771 854 KB
854 KB 364ms
355ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8o2khkyJmyjeKKryUtVWCD8NYEFirgx7mWmm39piLZL0Vcbqm3XpPhtT6YhFT0sLJsuOgzSUtn86hOSSDru6sdPskLiucWb220oM-vIBTmE6jCFOsHo3xl0UwIql1KLV8IEg7sa3ULv11gzHc52Pp5LZTGU0FTdQgT0Yk5lkxNoPIaALhdgi8uR6Vtko/s480/gas%20toto%203.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ab28525af13ce6f2aa74c54d16f533ee08d6df5555277b29093bb98a3df58a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d71"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gas toto 3.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 874244
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 apik%20toto%203.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiV0OPcAYjgavrOnRETpMZHfxtk1pwNeJeg38Hkrm6cE5Mh1BiBCBFIYlQcrH9msRNgS2PpeteBebAQAQ-9lYSsBMXrQXcAQThbOAPYy3bTC2IDE0ztTRXRc_PiRPQX56BpnDoYs96xjknK3mXS... Frame A771 254 KB
255 KB 614ms
605ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiV0OPcAYjgavrOnRETpMZHfxtk1pwNeJeg38Hkrm6cE5Mh1BiBCBFIYlQcrH9msRNgS2PpeteBebAQAQ-9lYSsBMXrQXcAQThbOAPYy3bTC2IDE0ztTRXRc_PiRPQX56BpnDoYs96xjknK3mXS3_GDU_ZJB-i4K_VOwXgpxsRA3_SZ9QVrPodghsW_5Cg/s480/apik%20toto%203.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e1069c844742374ce5d55bf288826350c3c5c26c1bcdbde43f76c51c8e2df535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d6c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="apik toto 3.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260556
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 agung%20toto%203.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3oHrazPbRV_KiLS3VFJgcE1dNIDdcdOGrPaSOv45k9JSYoRpxvpmYTVw9NLfn95B3obtJ02bARci_4NRp8PqauNjFLIttAluvp4iob0jse_ERv0WWOWmdkHOhEzu8VKdVThprW5vC333101oD... Frame A771 384 KB
384 KB 366ms
357ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3oHrazPbRV_KiLS3VFJgcE1dNIDdcdOGrPaSOv45k9JSYoRpxvpmYTVw9NLfn95B3obtJ02bARci_4NRp8PqauNjFLIttAluvp4iob0jse_ERv0WWOWmdkHOhEzu8VKdVThprW5vC333101oD7d9brne0dmhSzxtsuGTZs4BDYSLyrFYrQPyyLpt3Q0s/s480/agung%20toto%203.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

51657894d582014e07c19a90007b911b5778078a5838eb727f3656fa438be887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d6f"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="agung toto 3.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 393106
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame A771 1 MB
1 MB 386ms
378ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame A771 2 MB
2 MB 367ms
359ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame A771 2 MB
2 MB 644ms
636ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame A771 733 KB
733 KB 607ms
599ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame A771 2 MB
2 MB 386ms
378ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame A771 812 KB
812 KB 612ms
604ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame A771 659 KB
659 KB 363ms
356ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame A771 1 MB
1 MB 859ms
852ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame A771 718 KB
719 KB 607ms
600ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame A771 309 KB
309 KB 861ms
854ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 PENUHBETT%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihHjNCCGyFzkDfwmtOldZw-nhbAurEH_jWBw0DqUiZYRloN5czcnp8yHQOgpj7QJY5IPRfT4EwZWp9lXe5hgp4-_Dkq7uhW_awvKmPqSQ6SsWabbE4Zy3Wom20uf2JC9WHoywcqdTq4PfZZF03... Frame A771 2 MB
2 MB 362ms
355ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihHjNCCGyFzkDfwmtOldZw-nhbAurEH_jWBw0DqUiZYRloN5czcnp8yHQOgpj7QJY5IPRfT4EwZWp9lXe5hgp4-_Dkq7uhW_awvKmPqSQ6SsWabbE4Zy3Wom20uf2JC9WHoywcqdTq4PfZZF03rN34plazLw_1FhY_Mvzbs-uyf044Z078ezKrhalnR9A/s464/PENUHBETT%20464X100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f7a268fe54141807077d99c931e63dc4ed814892add35accf4f92fb98b0030d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v245f"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PENUHBETT 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1802346
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame A771 1 MB
1 MB 607ms
601ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 romobett.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBZmw8QjJdYHlO1X3PZbVty-fd1oQT2kaybeHrQSNy8fNPjdATnqB_jTgkEXqk9ksRYdyftZR9jvICiE_O5e9Hk4Zub4rfypu_2E-y681ZP04ArVY3gOQb4fB9oZptwkTclG6whLQI7S49OJI8... Frame A771 2 MB
2 MB 366ms
361ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBZmw8QjJdYHlO1X3PZbVty-fd1oQT2kaybeHrQSNy8fNPjdATnqB_jTgkEXqk9ksRYdyftZR9jvICiE_O5e9Hk4Zub4rfypu_2E-y681ZP04ArVY3gOQb4fB9oZptwkTclG6whLQI7S49OJI8YQW3GabW-bhhXGskmK2eKTsk36bAG9eWOHYz9NNnKN0/s900/romobett.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cabd6c6e2ce478bc6a9344f5f75f501bbf6b7ba8fd54d7487e7a09279f3a34d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v20a7"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="romobett.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1595918
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame A771 173 KB
173 KB 637ms
632ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 banner%20gif%20pasarbett.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifQGtsxCp3OeLvd1Lrhg9PmZ0YLr6TS2Q8cUFn3o9F6ZaUFaMVY39HddT-Yxn8nKqVYlt3SSVFkACEJF_mENwzUU78va4bupjbIhlCnLRY6LYIiYJEXOz2isxRZbKW5vY8OdK523YZgLRS4h15... Frame A771 16 MB
16 MB 641ms
636ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifQGtsxCp3OeLvd1Lrhg9PmZ0YLr6TS2Q8cUFn3o9F6ZaUFaMVY39HddT-Yxn8nKqVYlt3SSVFkACEJF_mENwzUU78va4bupjbIhlCnLRY6LYIiYJEXOz2isxRZbKW5vY8OdK523YZgLRS4h15-2UAhAryQKVW9TipjqURv_gTlHY9hhTVPobsb6KdbbY/s980/banner%20gif%20pasarbett.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3485295530761106ba56255187cc1f9a7f7cddb3b54eb1030dbd0c415b76afbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d0e"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="banner gif pasarbett.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16315436
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H2 200 banner%20gif%20idealsport88.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVJJ1AmWumNs9-LLxJVOnV6hsT7JgwrRId33gNFQQoyqiYG44FQSz1ByFtJwEVsfDI5GFVdUbLnUZAuUWAgOnUhT1euUdOv4tEOSV-qzbTd7t_0dFTHpwYLgtq3JLK7X4c2l04Mewm_DUGzqcn... Frame A771 1 MB
1 MB 767ms
762ms Image
image/gif 2607:f8b0:4004:c1f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVJJ1AmWumNs9-LLxJVOnV6hsT7JgwrRId33gNFQQoyqiYG44FQSz1ByFtJwEVsfDI5GFVdUbLnUZAuUWAgOnUhT1euUdOv4tEOSV-qzbTd7t_0dFTHpwYLgtq3JLK7X4c2l04Mewm_DUGzqcnMcsYZu90EyuhjO8lCv0iP_bu_Fkgq3COfeEdiVwtlOA/s464/banner%20gif%20idealsport88.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

31fbef2d8aa8eb899334230f74c59be161cb7a3fef953d60d698855548e7c825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d09"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="banner gif idealsport88.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1559165
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:12:57 GMT

GET
H/1.1 200
OK 4710982&101.gif
s4is.histats.com/stats/i/ Frame A771 810 B
950 B 215ms
72ms Image
image/png 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4710982&101.gif?4710982&101
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash: b4b7afe4efaa2750f23de419dcaf08b30ec0ce355885c3c5b38d164933ce94d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:57 GMT
Connection: close
ETag: -1367341030
Content-Length: 810
Content-Type: image/png

GET
H3 200 wp-polyfill-inert.min.js Show response
markas-prediktor.info/wp-includes/js/dist/vendor/ Frame A771 8 KB
2 KB 597ms
589ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2320
expires: Sun, 04 Feb 2024 06:12:57 GMT

GET
H3 200 regenerator-runtime.min.js Show response
markas-prediktor.info/wp-includes/js/dist/vendor/ Frame A771 6 KB
3 KB 595ms
587ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Sun, 04 Feb 2024 06:12:57 GMT

GET
H3 200 wp-polyfill.min.js Show response
markas-prediktor.info/wp-includes/js/dist/vendor/ Frame A771 112 KB
34 KB 597ms
589ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Sun, 04 Feb 2024 06:12:57 GMT

GET
H3 200 frontend.js Show response
markas-prediktor.info/wp-content/plugins/sidebar-login/build/ Frame A771 4 KB
2 KB 595ms
587ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Sun, 04 Feb 2024 06:12:57 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ 0
143 B 121ms
121ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IEL0ASZHXTLlTGISRgSRbBX9&rand=85811&pu=
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:55 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 655CBD66C21B41279FEB8DA7D4F0F775 Ref B: MIAEDGE1315 Ref C: 2024-01-28T06:12:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYP+2uXMIP90Jp3I3+tbQ==

GET
DATA 200
OK truncated
/ Frame E81C 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe5b9f2de2eb7ded4746b2316d4176e3a3175fa2594ae4e417e3b2d3cf95aef3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 7F43 0
289 B 60ms
59ms Image
text/plain 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGAACWW18GUAAAAIZH1dAw%253D%253D&tt=t.dhj&dhjLcy=1706422376325&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=sky.pasukanantidepo.shop&pn=%2F&qs=na&cc=US&cont=NA&evid=5jxsO1YAMWzEzV2duz1n&urls=&rnd=1706422376700&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=257&bcnLcy=63

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 06:12:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 28 Jan 2024 06:12:56 GMT

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 17A0 41 B
332 B 53ms
53ms Fetch
application/json 3.211.54.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.54.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-54-87.compute-1.amazonaws.com
Software: /
Resource Hash: 98857c12df908b8cfcdb70f4e1e9fb8bcf84267837dba3d4427b8b1f888ac196

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://king.laskar2d.xyz
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame E81C 58 KB
18 KB 81ms
80ms Script
text/javascript 13.225.195.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fv1.prediktorangka.xyz%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-59.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:47:37 GMT
content-encoding: gzip
via: 1.1 90afcdb26518f969b68e124515efb74c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 19520
etag: W/"eb52f900499b46d1088df97dad487c73"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 0wySca1sarEnBXgs-VER2NEKUMtAQdBPfxMoD9Pcb8d-5JCK0TndjA==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame E81C 0
442 B 125ms
123ms Script
application/javascript 2606:4700:20::ac43:4aba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=1040170642237250578C5E26DACD5E6F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fv1.prediktorangka.xyz%2F&r=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fv1.prediktorangka.xyz%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
x-t: 50.82
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Lj5wK9x8m0vcKatewES%2FXvZ8pwGCjZeDHGBGa7TK5jp6Ungrf9uwjcj6K59SD9qLvMphSd7AP6jLBdQSzfaVSR%2Fslwh3lKYz1jrA97bgYmCCYoL3kbozSVZF5M5wXEOJNgYazdaU%2F5Vow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 84c7162e8a068dba-MIA
expires: Sun, 28 Jan 2024 06:10:35 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame E81C 33 KB
11 KB 79ms
77ms Script
text/javascript 13.225.195.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fv1.prediktorangka.xyz%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-127.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
date: Sat, 27 Jan 2024 11:30:37 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 67340
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: CrdQqADjQgQ8Z6BpXDBXEj3umnGTjXVHGqJPA09wlPgMrEjNSqMsJA==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame E81C 2 KB
3 KB 62ms
61ms Script
application/javascript 52.15.236.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fv1.prediktorangka.xyz%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.15.236.209 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-236-209.us-east-2.compute.amazonaws.com

Software

Resource Hash

c2744159aabad669e4581c889ad963af5e4ece5f383f7b56571bcc737c07eb2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:56 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame E81C 51 B
343 B 124ms
123ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=v1.prediktorangka.xyz&_ss=4tpdu9klh3&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=2v0p&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fv1.prediktorangka.xyz%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b1b3baced4e8e74a848013175cad7e2867c72507880cab144f51eeb9e7d8448

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
x-t: 0.132
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuE09xQknwJyK3aEvc9v5kDlp02WOeDOPf0LTpATizFwueGqzkhNPJBM6QUYMYAxsqxw%2FHWXty1tjevOnTnLzpVRxIlIRAfO8Y8iRTpBR4G183ers5AtYs1s8neG%2Fm%2B%2F8HqT5d08A1i9PNk%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84c7162e8bc23376-MIA
expires: Sun, 28 Jan 2024 06:12:55 GMT

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame E81C 35 B
248 B 132ms
131ms Image
image/gif 146.59.148.16
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=1040170642237250578C5E26DACD5E6F
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.59.148.16 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-2.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H3 200 wp-emoji-release.min.js Show response
v1.prediktorangka.xyz/wp-includes/js/ Frame E81C 18 KB
5 KB 406ms
406ms Script
application/javascript 2606:4700:3036::6815:3d6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.prediktorangka.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5oV4GV4q6C3kiraHArp8KA2aox9alnxL63XEu%2Bqh52Ovu%2FXpVzmuNeWwMPHr4s8eDQJX8xGeq%2FNnrGzMkZL8svZL%2FckZPnQ%2FwZz%2F%2BxoVUJGR7zC6uC3W%2B3UIK1BpIcNK6jqtPni%2BVMEeuI9VlcddT%2Fz6H8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 84c7162ebffc67d4-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 Jan 2025 03:52:58 GMT

POST
H3 200 admin-ajax.php Show response
v1.prediktorangka.xyz/wp-admin/ Frame E81C 564 B
901 B 657ms
656ms XHR
text/html 2606:4700:3036::6815:3d6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v1.prediktorangka.xyz/wp-admin/admin-ajax.php

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:3d6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1da9716ff327a20103375d98dee841e288e5f2998bdb2e49b9b3d6cf59dde864

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://v1.prediktorangka.xyz/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://v1.prediktorangka.xyz
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iST2O44kHYMrGfPGQBdDTB3M9sCCam95J4pKgT7vOnwGennQPaNkT4gUMTeJQJdlSRvE%2F%2BAh9k%2FbfAgwCEG0tfGIzg0I6vdjiYhZKZeyE7KAQJJo7RSpGo1LtHFzI%2BnhMCN%2BcaNCEO0djuAM6Xecn9R4NTM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-turbo-charged-by: LiteSpeed
x-robots-tag: noindex
cf-ray: 84c7162f185067d4-MIA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame C5CC 0
0 86ms
85ms Document
text/plain 3.161.213.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=32195
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-66.yul62.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://bolo.treksantuy.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 28 Jan 2024 06:12:56 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 a6f2e7c3dd76750ec70d32e7fcf09838.cloudfront.net (CloudFront)
x-amz-cf-id: iarAfMTlxgYnU8nyYIZ9S-LKbW707WAvhebNM2pHA0mlqW3MUHfcsg==
x-amz-cf-pop: YUL62-P1
x-cache: Miss from cloudfront

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame E81C 2 KB
2 KB 52ms
51ms Script
application/javascript 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5919673831525376&stid=ZGAACWW18GUAAAAIZH1dAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 28 Jan 2024 07:12:56 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame E81C 42 B
265 B 61ms
60ms Image
image/gif 52.15.236.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fbolo.treksantuy.xyz%2F&event_source=dtscout&rnd=0.5919673831525376&exptid=ZGAACWW18GUAAAAIZH1dAw%3D%3D&fcmp=false

Requested by

Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.15.236.209 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-236-209.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:56 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame E81C 50 B
463 B 86ms
86ms Fetch
application/json 54.192.51.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.51.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-51-72.yul62.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 09:29:46 GMT
via: 1.1 aaf016fef66eecea8770da00a4c0e9d6.cloudfront.net (CloudFront), 1.1 ac1cb1fdb7cf3984f94f9f190169eb3a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, YUL62-C2
age: 74590
x-amzn-requestid: b9104f89-424a-4b97-a73f-2ce6c84c92b1
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SMT5vHFHiYcEYjw=
content-length: 50
x-amz-cf-id: aY268puVCbl9OtHHIDJeGcYadW6I-TxqZVXsFh7LOZE7OgruGwc62w==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame A771 11 KB
4 KB 37ms
37ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 72048
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84c7162fa9bd25af-MIA
content-length: 4547

GET
DATA 200
OK truncated
/ Frame A771 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame A771 75 KB
76 KB 94ms
36ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://markas-prediktor.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 975
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9b2a98d57ae2f97337e29da71903fc80
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84c716301de2033d-MIA
cdn-requestpullsuccess: True

GET
H2 200 / Show response
zona-bermain.com/ Frame A34E 104 KB
20 KB 1306ms
553ms Document
text/html 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.15

Resource Hash

17535b70f24e86a5bca91dbe61a2aa561407829b1fe4f5d12561c6131dc86f8b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://markas-prediktor.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 06:12:58 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://zona-bermain.com/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.2.15

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 3F38 2 KB
1 KB 52ms
51ms Document
text/html 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5919673831525376&stid=ZGAACWW18GUAAAAIZH1dAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://v1.prediktorangka.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 28 Jan 2024 06:12:56 GMT
Expires: Sun, 04 Feb 2024 06:12:56 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK 4710982.php Show response
s4.histats.com/stats/ Frame A771 435 B
570 B 63ms
62ms Script
text/html 149.56.240.131
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4710982.php?4710982&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mMARKAS%20PREDIKTOR%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fking.laskar2d.xyz%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-138915758&@b3:1706422377&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmarkas-prediktor.info%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534299.ip-149-56-240.net
Software: /
Resource Hash: 50bb9e362f34ad462b13405ef66cc2dd869a2c28d2b0f64d7fe03658afc9c0f0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:56 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H2

200

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match?r=55757
https://ce.lijit.com/merge?pid=2&3pid=4C22590201E7425597D084FEF2BB9994

43 B
495 B

502ms
53ms

Image
image/gif

44.194.20.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=4C22590201E7425597D084FEF2BB9994
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 44.194.20.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-20-78.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Sun, 28 Jan 2024 06:12:57 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Sun, 28 Jan 2024 06:12:57 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=4C22590201E7425597D084FEF2BB9994
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 27 Jan 2024 06:12:57 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame F647 19 KB
9 KB 56ms
56ms Script
text/javascript 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:57 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Sun, 04 Feb 2024 06:12:57 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame E81C 5 KB
2 KB 72ms
71ms Script
text/javascript 54.192.51.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.51.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-51-122.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
date: Sun, 28 Jan 2024 06:10:25 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C2
age: 153
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 1Zw1V5nGb00H_K9HERhBOt3rtMqYSaXVjW-RjhvQ4X-X1JeqpoLeLQ==

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 3EBD 0
289 B 75ms
52ms Image
text/plain 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGAACWW18GUAAAAIZH1dAw%253D%253D&tt=t.dhj&dhjLcy=1706422373884&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=sky.pasukanantidepo.shop&pn=%2F&qs=na&rdn=sky.pasukanantidepo.shop&rpn=%2F&rqs=na&cc=US&cont=NA&evid=N6wsO1YAB8tiSMl5aFwn&urls=!1!333!b-13j,!0!483!b-13l,!1!388!b-14s,!1!0!b-14t,!1!288!b-150,!2!0!b-16f&rnd=1706422377084&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=71&bcnLcy=120

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 06:12:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 28 Jan 2024 06:12:57 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame A771 22 KB
12 KB 38ms
37ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 57037
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84c71630db0425af-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame A771 7 KB
4 KB 112ms
112ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4710982.php?4710982&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mMARKAS%20PREDIKTOR%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fking.laskar2d.xyz%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-138915758&@b3:1706422377&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmarkas-prediktor.info%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76e5d6293065206efe5136386e2f5455ef8d347dceedfea716494937c58e4c0c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-t: 0.275
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkvVojI5Q5hrcxrbWFV6RFqNwDLC15vqt5OdQj35nIJPLqfIjFWQaTzohuECAMzlHSS38jk4jP9FOr70SXllP5%2BJf%2BWLC%2FPkW8SK8C7iqqHJBf9WIg51ulzL%2B7yPZhNIefDGwTCKKEuYQKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 84c71630de153376-MIA
expires: Sun, 28 Jan 2024 06:12:56 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame F647 0
289 B 66ms
51ms Image
text/plain 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGAACWW18GUAAAAIZH1dAw%253D%253D&tt=t.dhj&dhjLcy=1706422376941&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=bolo.treksantuy.xyz&pn=%2F&qs=na&cc=US&cont=NA&evid=5qxsO1YAAlRfIx0MFcAM&urls=&rnd=1706422377146&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=93&bcnLcy=120

Requested by

Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 06:12:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 28 Jan 2024 06:12:57 GMT

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame E81C 41 B
335 B 54ms
53ms Fetch
application/json 3.211.54.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.54.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-54-87.compute-1.amazonaws.com
Software: /
Resource Hash: 98857c12df908b8cfcdb70f4e1e9fb8bcf84267837dba3d4427b8b1f888ac196

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://v1.prediktorangka.xyz
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H2 200 1f433.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame E81C 789 B
721 B 28ms
27ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f433.svg

Requested by

Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

28d63fec48ab0c89355c23de6727b6fe04de522a4760f9cfa8361f7de40a745d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 28 Jan 2024 06:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f691.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame E81C 992 B
760 B 27ms
27ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f691.svg

Requested by

Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

6926aa8fc9c2ccb8e1422f51833cca10b8da3de2051ef7a52b6dd4a2e3011ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 28 Jan 2024 06:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame A771 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame A771 58 KB
18 KB 186ms
184ms Script
text/javascript 13.225.195.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-59.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:47:37 GMT
content-encoding: gzip
via: 1.1 90afcdb26518f969b68e124515efb74c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 19521
etag: W/"eb52f900499b46d1088df97dad487c73"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: _1ro0tRKRVaYXfJVb_RxoSN7zoRsT8U7JIBCM-3IYts46e8thZVf0A==

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame A771 35 B
248 B 235ms
234ms Image
image/gif 146.59.148.16
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=1040170642237250578C5E26DACD5E6F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.59.148.16 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-2.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame A771 0
461 B 180ms
178ms Script
application/javascript 2606:4700:20::ac43:4aba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=1040170642237250578C5E26DACD5E6F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fmarkas-prediktor.info%2F&r=https%3A%2F%2Fking.laskar2d.xyz%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-t: 1.16
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4IKFhXOrtbupw%2Fj2GFO3MLP0hIOyWjPtkMmzKtAFqvSgruHSoFjPaC91wLw9dTn%2B2X97PsnNYZRSC%2FKQVY8PJWfaZI4ppaIRAdIOcCNqeu7J%2Bqd5aZWdguTMWXCPwsiQJ0XtUB%2Bfe5VXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 84c71632fe758dba-MIA
expires: Sun, 28 Jan 2024 05:19:00 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame A771 33 KB
11 KB 180ms
179ms Script
text/javascript 13.225.195.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-127.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
date: Sat, 27 Jan 2024 11:30:37 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 67341
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: dA__-5C0NibGyFrZExRFci35r96fiOtwOey2VGL5084FrvXEo0LtVA==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame A771 2 KB
3 KB 166ms
165ms Script
application/javascript 52.15.236.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.15.236.209 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-236-209.us-east-2.compute.amazonaws.com

Software

Resource Hash

c2744159aabad669e4581c889ad963af5e4ece5f383f7b56571bcc737c07eb2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:57 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame A771 51 B
357 B 209ms
208ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=markas-prediktor.info&_ss=1sthzp66nj&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=5ljm&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 304a2a3e7f848ccef1fd73c8e12133b204b94e6f6d5b4e2e4967e652a032f298

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-t: 0.191
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FL0r%2BYNrBxgZX6OBDhM7dRpZibWv%2BG75O3UJjleJq5ylazcjzkp8%2FfyPwkXzv9ia70eytJFWVZVTGxRvXDx14fszJy3E38G34OLqi9q9fT%2F9YpflCBtUwr9hO64X%2BxUHhpe1rpRjmbfocQ%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 84c71632f83c3376-MIA
expires: Sun, 28 Jan 2024 06:12:56 GMT

GET

live_intent_sync
x.dlx.addthis.com/e/ Frame 0881
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IEL0ASZHXTLlTGISRgSRbBX9&rnd=9607
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=1aa618d1-4548-452c-9fe0-a29cf17233fc

0
0

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 17A0 43 B
177 B 158ms
158ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IEL0ASZHXTLlTGISRgSRbBX9
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 06:12:57 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 dewabet.gif
adsbaner.files.wordpress.com/2023/11/ Frame E81C 282 KB
283 KB 28ms
27ms Image
image/gif 192.0.72.18
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adsbaner.files.wordpress.com/2023/11/dewabet.gif

Requested by

Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.18 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2d551b2bfc076c5db44efe46c3ccd835369133065cc06ccbf0585ed070079f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 18 np
date: Sun, 28 Jan 2024 06:12:57 GMT
x-content-type-options: nosniff
last-modified: Sat, 11 Nov 2023 04:52:32 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://adsbaner.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 288911
expires: Mon, 12 Feb 2024 06:14:05 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IEL0ASZHXTLlTGISRgSRbBX9&rnd=28006
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=1aa618d1-4548-452c-9fe0-a29cf17233fc
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=1aa618d1-4548-452c-9fe0-a29cf17233fc

42 B
716 B

54ms
54ms

Image
image/gif

50.17.221.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=1aa618d1-4548-452c-9fe0-a29cf17233fc

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Server

50.17.221.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-17-221-242.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v053-0c4d5cca0.edge-va6.demdex.com 1 ms
pragma: no-cache
date: Sun, 28 Jan 2024 06:12:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: xkKlvnaDTQ4=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-2-v053-0527a3f70.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Sun, 28 Jan 2024 06:12:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: fulFKeJPSsM=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=1aa618d1-4548-452c-9fe0-a29cf17233fc
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 2F0E 85 B
481 B 74ms
69ms Document
text/html 13.225.195.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-127.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 761826
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:52 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
x-amz-cf-id: 6J9BCiyCHr7KbJldaNS8BoxIicsbw0n0Mvm_28G0tES5Et9SD7TBkg==
x-amz-cf-pop: YUL62-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame A771 2 KB
2 KB 52ms
51ms Script
application/javascript 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.8615622960627336&stid=ZGAACWW18GUAAAAIZH1dAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 28 Jan 2024 07:12:57 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame A771 42 B
265 B 62ms
61ms Image
image/gif 52.15.236.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fking.laskar2d.xyz%2F&event_source=dtscout&rnd=0.8615622960627336&exptid=ZGAACWW18GUAAAAIZH1dAw%3D%3D&fcmp=false

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.15.236.209 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-236-209.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:57 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame A771 50 B
456 B 124ms
123ms Fetch
application/json 54.192.51.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.51.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-51-72.yul62.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
via: 1.1 a4d8112508e8450a57296bb3736a5136.cloudfront.net (CloudFront), 1.1 ac1cb1fdb7cf3984f94f9f190169eb3a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1, YUL62-C2
x-amzn-requestid: 5c11e8c1-e6cf-4556-8666-fda744d4216a
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SPKAjFX-iYcEMgw=
content-length: 50
x-amz-cf-id: FVywk3UFILL44_dKXPi9guVmHDXyQAiQwcTRgV6PenlH_-gwP7i_tg==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 2F0E 766 B
1 KB 70ms
70ms Script
text/javascript 13.225.195.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-127.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Fri, 26 Jan 2024 08:36:36 GMT
via: 1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 164182
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: EGYsrOe4zzrjDA6JXf3lB0AEgVYOaHc3lB8dvvcED4mTmP5EE2XpfQ==

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 7EAA 2 KB
1 KB 51ms
51ms Document
text/html 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.8615622960627336&stid=ZGAACWW18GUAAAAIZH1dAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://markas-prediktor.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 28 Jan 2024 06:12:57 GMT
Expires: Sun, 04 Feb 2024 06:12:57 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H3 200 close.png
v1.prediktorangka.xyz/wp-content/plugins/uji-popup/modal/css/ Frame E81C 4 KB
5 KB 1111ms
1111ms Image
image/png 2606:4700:3036::6815:3d6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v1.prediktorangka.xyz/wp-content/plugins/uji-popup/modal/css/close.png
Requested by: Host: v1.prediktorangka.xyz
URL: https://v1.prediktorangka.xyz/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:58 GMT
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 05:20:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAeyyOYU9QhxTPBBHzBuBvOy1b%2FLi1Tg2jVozqpqbRF%2Bk5OCZC7Q5VEj0oxAzckgyqA0y1lq5ZInN1QXBMuULT5%2FcDTnpfi61JQBZfeZh0WwWCyN0SBzB7MUT9dpBEFxaz%2BFWZzPsPwy5Jk4gkH57uJEYrk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84c716359f4367d4-MIA
alt-svc: h3=":443"; ma=86400
content-length: 4393
expires: Wed, 22 May 2024 03:50:50 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame A771 5 KB
2 KB 71ms
70ms Script
text/javascript 54.192.51.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.51.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-51-122.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
date: Sun, 28 Jan 2024 06:10:25 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C2
age: 153
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: EDAEdRtC2cEzErjp3Onxhj0khy-IINFpH98EY_FP1g6GJySDleQyYw==

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1275.23381/a/US/ Frame 9EEA 19 KB
9 KB 57ms
56ms Script
text/javascript 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1275.23381/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:57 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Sun, 04 Feb 2024 06:12:57 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 0881 0
142 B 123ms
122ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IEL0ASZHXTLlTGISRgSRbBX9&rand=60286&pu=https://sky.pasukanantidepo.shop/
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:57 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D6B952A737984EE2B127F49B515EEE76 Ref B: MIAEDGE1315 Ref C: 2024-01-28T06:12:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYP+2usk9hfszj+SRsXGA==

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame E81C 43 B
177 B 59ms
59ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IEL0ASZHXTLlTGISRgSRbBX9
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 06:12:57 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 75F5 0
0 112ms
112ms Document
text/plain 3.161.213.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=90245
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 3.161.213.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-66.yul62.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://king.laskar2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 28 Jan 2024 06:12:57 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 bd11fded4d6f93b0bab101b7e46c968c.cloudfront.net (CloudFront)
x-amz-cf-id: 5JFBTJi7h9c0_BC19WFQAf2ZyUkRenOLtFuWwZxDgWUIT24fiiYvnA==
x-amz-cf-pop: YUL62-P1
x-cache: Miss from cloudfront

GET
H3 200 2b50.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 17A0 554 B
639 B 27ms
27ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2b50.svg

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

2bf5907894a70b877089c24817fcc65db655cfed28840aa16c8f3810cd412620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 28 Jan 2024 06:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wp-emoji-release.min.js Show response
markas-prediktor.info/wp-includes/js/ Frame A771 18 KB
5 KB 322ms
322ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Sun, 04 Feb 2024 06:12:58 GMT

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame A771 41 B
334 B 54ms
54ms Fetch
application/json 3.211.54.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.54.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-54-87.compute-1.amazonaws.com
Software: /
Resource Hash: 98857c12df908b8cfcdb70f4e1e9fb8bcf84267837dba3d4427b8b1f888ac196

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:58 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://markas-prediktor.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 9EEA 0
289 B 51ms
51ms Image
text/plain 23.73.207.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGAACWW18GUAAAAIZH1dAw%253D%253D&tt=t.dhj&dhjLcy=1706422377642&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1275.23381&ell=d&cck=__stid&dmn=king.laskar2d.xyz&pn=%2F&qs=na&cc=US&cont=NA&evid=83xsO1YAmuU6XZosBQnK&urls=&rnd=1706422377983&cid=c010&version=1.1275.23381&cc=US&cont=NA&cls=C&repeat=0&htmLcy=116&bcnLcy=99

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.73.207.17 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-73-207-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1275.23381&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 06:12:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 28 Jan 2024 06:12:58 GMT

GET
H2 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame A34E 107 KB
13 KB 262ms
261ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:58 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Sun, 04 Feb 2024 06:12:58 GMT

GET
H2

200

merge
ce.lijit.com/ Frame 0881
Redirect Chain

https://um.simpli.fi/lj_match?r=54025
https://ce.lijit.com/merge?pid=2&3pid=4C22590201E7425597D084FEF2BB9994

43 B
736 B

61ms
61ms

Image
image/gif

44.194.20.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=4C22590201E7425597D084FEF2BB9994
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Server: 44.194.20.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-20-78.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Sun, 28 Jan 2024 06:12:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Sun, 28 Jan 2024 06:12:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=4C22590201E7425597D084FEF2BB9994
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 27 Jan 2024 06:12:58 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 482F 0
0 86ms
85ms Document
text/plain 3.161.213.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=93947
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 3.161.213.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-66.yul62.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://v1.prediktorangka.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 28 Jan 2024 06:12:58 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 bd11fded4d6f93b0bab101b7e46c968c.cloudfront.net (CloudFront)
x-amz-cf-id: akxl4MNl1ifQ4kcHOFKYRexOwFgiUxtkEK3_iTVWnpuYmWxxZXKFbw==
x-amz-cf-pop: YUL62-P1
x-cache: Miss from cloudfront

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame 17A0
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IEL0ASZHXTLlTGISRgSRbBX9&rnd=44682
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
363 B

151ms
49ms

Image
image/gif

74.119.119.150

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Server

74.119.119.150 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 06:12:58 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 309791
expires: Sun, 28 Jan 2024 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Sun, 28 Jan 2024 06:12:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2

200

merge
ce.lijit.com/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=IEL0ASZHXTLlTGISRgSRbBX9/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=IEL0ASZHXTLlTGISRgSRbBX9/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://ce.lijit.com/merge?pid=5001&3pid=7806a064f8ae922543ddf0b06ffb7829

43 B
736 B

54ms
54ms

Image
image/gif

44.194.20.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=7806a064f8ae922543ddf0b06ffb7829
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 44.194.20.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-20-78.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Sun, 28 Jan 2024 06:12:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 06:12:58 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=7806a064f8ae922543ddf0b06ffb7829
cache-control: no-cache
x-server: 10.40.60.172
content-length: 0
expires: 0

GET
BLOB 200
OK 4949e5c6-2c73-49a5-aa82-56d3ef068e43
https://zona-bermain.com/ Frame A34E 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://zona-bermain.com/4949e5c6-2c73-49a5-aa82-56d3ef068e43
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame A34E 227 B
282 B 268ms
266ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:58 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Sun, 04 Feb 2024 06:12:58 GMT

GET
H2 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame A34E 2 KB
385 B 527ms
525ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:58 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Sun, 04 Feb 2024 06:12:58 GMT

GET
H2 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame A34E 28 KB
8 KB 279ms
278ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:58 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Sun, 04 Feb 2024 06:12:58 GMT

GET
H2 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame A34E 3 KB
861 B 277ms
276ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:58 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Sun, 04 Feb 2024 06:12:58 GMT

GET
H2 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame A34E 86 KB
29 KB 268ms
267ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:58 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Sun, 04 Feb 2024 06:12:58 GMT

GET
H2 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame A34E 13 KB
5 KB 276ms
274ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:58 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Sun, 04 Feb 2024 06:12:58 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame A34E 157 KB
26 KB 31ms
28ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 Jan 2024 06:12:58 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1487903
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760088-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame A34E 30 KB
7 KB 37ms
35ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6477991
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84c7163a2d469ae6-MIA
cdn-requestpullsuccess: True

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame A34E 21 KB
8 KB 33ms
31ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 Jan 2024 06:12:58 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4668503
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760088-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame A34E 62 KB
16 KB 35ms
34ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 Jan 2024 06:12:58 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5116568
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760088-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 2.png
zona-bermain.com/script/ Frame A34E 25 KB
25 KB 522ms
521ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:58 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 04 Feb 2024 06:12:58 GMT

GET
H2 200 8.png
zona-bermain.com/script/ Frame A34E 25 KB
25 KB 524ms
523ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:58 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 04 Feb 2024 06:12:58 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame A34E 24 KB
25 KB 255ms
254ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 25038
expires: Sun, 04 Feb 2024 06:12:59 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame A34E 25 KB
25 KB 280ms
280ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Sun, 04 Feb 2024 06:12:59 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame A34E 25 KB
25 KB 861ms
856ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 04 Feb 2024 06:12:59 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame A34E 25 KB
25 KB 532ms
527ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 04 Feb 2024 06:12:59 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame A34E 25 KB
25 KB 535ms
530ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 04 Feb 2024 06:12:59 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame A34E 25 KB
25 KB 536ms
532ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 04 Feb 2024 06:12:59 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame A34E 25 KB
25 KB 538ms
534ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 04 Feb 2024 06:12:59 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame A34E 24 KB
25 KB 540ms
536ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:59 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 04 Feb 2024 06:12:59 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame A34E 43 B
182 B 192ms
64ms Image
image/gif 142.4.219.198
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.219.198 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5000868.ip-142-4-219.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:59 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 wp-polyfill-inert.min.js
zona-bermain.com/wp-includes/js/dist/vendor/ Frame A34E 8 KB
2 KB 407ms
405ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Sun, 04 Feb 2024 06:12:59 GMT

GET
H3 200 regenerator-runtime.min.js
zona-bermain.com/wp-includes/js/dist/vendor/ Frame A34E 6 KB
2 KB 413ms
408ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Sun, 04 Feb 2024 06:12:59 GMT

GET
H3 200 wp-polyfill.min.js
zona-bermain.com/wp-includes/js/dist/vendor/ Frame A34E 112 KB
34 KB 426ms
421ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Sun, 04 Feb 2024 06:12:59 GMT

GET
H3 200 frontend.js
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame A34E 4 KB
2 KB 530ms
525ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:59 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Sun, 04 Feb 2024 06:12:59 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame A771 43 B
177 B 60ms
59ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IEL0ASZHXTLlTGISRgSRbBX9
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 06:12:58 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ Frame E81C 4 KB
1 KB 301ms
159ms XHR
application/json 13.225.195.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-59.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://v1.prediktorangka.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 28 Jan 2024 06:13:00 GMT
content-encoding: gzip
via: 1.1 3aa87db4ada59e0f9698dcd8ce9e9728.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: public, max-age=86400
x-amz-cf-id: 7Q713IVtQ5u_JzjqTiImnFev0rzUYY6bcu3HmSdHVVVbkfYOA5SSaw==

GET
H/1.1

200
OK

35759
i6.liadm.com/s/ Frame 0881
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IEL0ASZHXTLlTGISRgSRbBX9&rnd=82137
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=21dd445f-53ea-410b-9287-9275ccc51e48
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=21dd445f-53ea-410b-9287-9275ccc51e48

43 B
548 B

212ms
52ms

Image
image/gif

2600:1f18:ed:550e:6c65:3c0a:bacf:2e64

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=21dd445f-53ea-410b-9287-9275ccc51e48

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

HTTP/1.1

Server

2600:1f18:ed:550e:6c65:3c0a:bacf:2e64 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:59 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=21dd445f-53ea-410b-9287-9275ccc51e48
Date: Sun, 28 Jan 2024 06:12:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 0

GET
H2 200 Portal.html
get.s-onetag.com/underground-sync-portal/ Frame F848 85 B
482 B 71ms
70ms Document
text/html 13.225.195.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-127.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://bolo.treksantuy.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 761828
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:52 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
x-amz-cf-id: Xue-9Bjtxlk8rBTfjiR3tQTIsz6x7eph7NCjobPkIPdyEbmoakkOSw==
x-amz-cf-pop: YUL62-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

35759
i.liadm.com/s/ Frame E81C
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IEL0ASZHXTLlTGISRgSRbBX9&rnd=28195
https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=1aa618d1-4548-452c-9fe0-a29cf17233fc&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=1aa618d1-4548-452c-9fe0-a29cf17233fc&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=b7a8802c-4388-4a05-a224-699fa1ff000a
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=21dd445f-53ea-410b-9287-9275ccc51e48

43 B
633 B

53ms
53ms

Image
image/gif

54.146.37.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=21dd445f-53ea-410b-9287-9275ccc51e48

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

HTTP/1.1

Server

54.146.37.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-146-37-4.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:59 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

location: https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=21dd445f-53ea-410b-9287-9275ccc51e48
date: Sun, 28 Jan 2024 06:12:59 GMT
server: Kestrel
content-length: 215

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 17A0 0
142 B 120ms
120ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IEL0ASZHXTLlTGISRgSRbBX9&rand=99916&pu=https://sky.pasukanantidepo.shop/
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:58 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7C4CFD86210D4510A9B7289FDF45C071 Ref B: MIAEDGE1315 Ref C: 2024-01-28T06:12:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYP+2u+v89ydmUmUB321A==

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 9206 0
0 112ms
112ms Document
text/plain 3.161.213.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=14624
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 3.161.213.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-66.yul62.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://markas-prediktor.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 28 Jan 2024 06:12:59 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 bd11fded4d6f93b0bab101b7e46c968c.cloudfront.net (CloudFront)
x-amz-cf-id: jBqUr9l1Y-8Jj5eYUZ2aviFaXJ3TCb9x3cdXrY6W4gj84wtKcMsuig==
x-amz-cf-pop: YUL62-P1
x-cache: Miss from cloudfront

GET
H/1.1 200
OK pixel
ps.eyeota.net/ 644 B
1 KB 54ms
53ms Script
application/javascript 34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: application/javascript
Date: Sun, 28 Jan 2024 06:12:59 GMT
Content-Length: 644
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 Portal.js
get.s-onetag.com/underground-sync-portal/ Frame F848 766 B
1 KB 70ms
70ms Script
text/javascript 13.225.195.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-127.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Fri, 26 Jan 2024 08:36:36 GMT
via: 1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 164184
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: e3wj95YKEzBP1CnCkfdgeeP2Jhngxu1y87U30lheywFZ-FNwXKOttA==

GET
H2 200 js15_as.js
s10.histats.com/ Frame A34E 11 KB
5 KB 44ms
44ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 72051
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84c7163eecec25af-MIA
content-length: 4547

GET poltar.php
kaptenoleng.com/ Frame 7F52 0
0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=21dd445f-53ea-410b-9287-9275ccc51e48&bid=1e2n4ou

70 B
440 B

53ms
52ms

Image
image/gif

34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=21dd445f-53ea-410b-9287-9275ccc51e48&bid=1e2n4ou
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 28 Jan 2024 06:12:59 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?uid=21dd445f-53ea-410b-9287-9275ccc51e48&bid=1e2n4ou
date: Sun, 28 Jan 2024 06:12:59 GMT
server: Kestrel
content-length: 191

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=Eyeot
https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-13etd7NE2pUBf43B309KzEWzy6Aq65p0lsU-~A

70 B
440 B

53ms
52ms

Image
image/gif

34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-13etd7NE2pUBf43B309KzEWzy6Aq65p0lsU-~A
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 28 Jan 2024 06:12:59 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-13etd7NE2pUBf43B309KzEWzy6Aq65p0lsU-~A
date: Sun, 28 Jan 2024 06:12:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u&_test=ZbXwawAApM237wA9
https://ps.eyeota.net/match?uid=ZbXwawAApM237wA9&bid=0rijhbu&referrer_pid=51md42u&_test=ZbXwawAApM237wA9

70 B
440 B

53ms
53ms

Image
image/gif

34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=ZbXwawAApM237wA9&bid=0rijhbu&referrer_pid=51md42u&_test=ZbXwawAApM237wA9
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 28 Jan 2024 06:12:59 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

x-served-by: cache-mia-kmia1760082-MIA
pragma: no-cache
date: Sun, 28 Jan 2024 06:12:59 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1706422379.470749,VS0,VE0
x-cache: HIT
location: https://ps.eyeota.net/match?uid=ZbXwawAApM237wA9&bid=0rijhbu&referrer_pid=51md42u&_test=ZbXwawAApM237wA9
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u
https://ps.eyeota.net/match?uid=5294388161815131724&bid=2cr76e1&referrer_pid=51md42u

70 B
440 B

53ms
52ms

Image
image/gif

34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5294388161815131724&bid=2cr76e1&referrer_pid=51md42u
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 28 Jan 2024 06:12:59 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 06:12:59 GMT
an-x-request-uuid: 8aad50d3-c10b-410c-9aed-0c84df6d2e4d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ps.eyeota.net/match?uid=5294388161815131724&bid=2cr76e1&referrer_pid=51md42u
x-proxy-origin: 38.132.118.74; 38.132.118.74; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 29537
tags.bluekai.com/site/ 62 B
470 B 254ms
148ms Image
image/gif 23.220.132.230

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29537?limit=1&id=2uTTcDET164T4Kvqe9WtFbfFd1j7r05uGRAnYNO6pb9k
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.220.132.230 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 28 Jan 2024 06:12:59 GMT
content-length: 62
content-type: image/gif

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame A34E 75 KB
76 KB 32ms
32ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 68158
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5a874d173b11a68eb4dcc235dc73d764
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 84c7163f5a61033d-MIA
cdn-requestpullsuccess: True

POST
H2 200 data
bcp.crwdcntrl.net/6/ Frame E81C 316 B
1 KB 80ms
80ms XHR
application/json 18.211.142.103

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.142.103 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

Referer: https://v1.prediktorangka.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 06:12:59 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://v1.prediktorangka.xyz
cache-control: no-cache
x-server: 10.40.52.42
access-control-allow-credentials: true
content-length: 316
expires: 0

GET

/
zona-bermain.com/kombinasi/ Frame C69B
Redirect Chain

https://zona-bermain.com/kombinasi
https://zona-bermain.com/kombinasi/

0
0

GET
H/1.1 200
OK 4612381.php
s4.histats.com/stats/ Frame A34E 438 B
573 B 185ms
61ms Script
text/html 149.56.240.131
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20BERMAIN%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fmarkas-prediktor.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-181985728&@b3:1706422379&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534299.ip-149-56-240.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:12:59 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

POST
H2 200 a
a.dtssrv.com/ Frame E81C 0
443 B 157ms
92ms Ping
text/html 2606:4700:3036::ac43:a392

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=1040170642237250578C5E26DACD5E6F&k=lotpano&v=62c6151bc8ddafb46a74fd7516cfa9fb927a27de0336f3973833302c5a45beca
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fv1.prediktorangka.xyz%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a392 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEkI0j0ICA5zUg%2Fog10RtdLqGmp8mbP1%2FuW8FJR3THia9bmxqeiEDpurS0IYA61z1pym6l9I3%2BigHSDRQkHHQGsoFcoSV015dDorcRqzZxFViN2B%2BIJWk%2B%2BBx3r0wuCg8dvxQbeBUdOOdgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 84c71640695b7440-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 103D 2 KB
1 KB 70ms
70ms Document
text/html 13.225.195.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-59.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://v1.prediktorangka.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 49343
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Sat, 27 Jan 2024 16:30:37 GMT
etag: W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified: Tue, 05 Sep 2023 17:36:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 90afcdb26518f969b68e124515efb74c.cloudfront.net (CloudFront)
x-amz-cf-id: rTbWm4Tr8h0uz7kscWztAozcOiyMb3aOr7SE-BrdZ0t5osurnO0WvQ==
x-amz-cf-pop: YUL62-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame E81C 0
144 B 119ms
119ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IEL0ASZHXTLlTGISRgSRbBX9&rand=3742&pu=https://bolo.treksantuy.xyz/
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://v1.prediktorangka.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:58 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4443BBE7AE4D4C46B1FAC7DB153935BD Ref B: MIAEDGE1315 Ref C: 2024-01-28T06:12:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYP+2vGvmCOuPyGJwwPTQ==

GET
H2

200

merge
ce.lijit.com/ Frame 17A0
Redirect Chain

https://um.simpli.fi/lj_match?r=75345
https://ce.lijit.com/merge?pid=2&3pid=4C22590201E7425597D084FEF2BB9994

43 B
870 B

53ms
53ms

Image
image/gif

44.194.20.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=4C22590201E7425597D084FEF2BB9994
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Server: 44.194.20.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-20-78.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Sun, 28 Jan 2024 06:12:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Sun, 28 Jan 2024 06:12:59 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=4C22590201E7425597D084FEF2BB9994
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 27 Jan 2024 06:12:59 GMT

GET
H/1.1

200
OK

img
sync.mathtag.com/sync/ Frame A771
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IEL0ASZHXTLlTGISRgSRbBX9&rnd=28336
https://ib.adnxs.com/getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0
https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=5294388161815131724&gdpr=0
https://sync.mathtag.com/sync/img?mt_exid=36&1aa618d1-4548-452c-9fe0-a29cf17233fc

43 B
588 B

283ms
61ms

Image
image/gif

216.200.232.249

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=36&1aa618d1-4548-452c-9fe0-a29cf17233fc
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: HTTP/1.1
Server: 216.200.232.249 -, , ASN (),
Reverse DNS
Software: MT3 1451 1934b03 master ord ord-pixel-x21 config_version:"539" /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 06:13:00 GMT
Server: MT3 1451 1934b03 master ord ord-pixel-x21 config_version:"539"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Sun, 28 Jan 2024 06:12:59 GMT

Redirect headers

Location: https://sync.mathtag.com/sync/img?mt_exid=36&1aa618d1-4548-452c-9fe0-a29cf17233fc
Date: Sun, 28 Jan 2024 06:12:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET

throtle
match.prod.bidr.io/cookie-sync/
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IEL0ASZHXTLlTGISRgSRbBX9
https://thrtle.com/sync?_reach=1&vxii_pdid=IEL0ASZHXTLlTGISRgSRbBX9&vxii_pid=12&vxii_pid1=7002&vxii_rcid=1068142f-5acd-4518-bff3-266d522961a6&vxii_rmax=1
https://match.prod.bidr.io/cookie-sync/throtle?

0
0

GET
H2 200 cc_604.js
s10.histats.com/counters/ Frame A34E 13 KB
4 KB 36ms
36ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 73970
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 84c71640f8d225af-MIA
content-length: 4509

GET
H2 200 /
e.dtscout.com/e/ Frame A34E 6 KB
3 KB 125ms
125ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2F&j=https%3A%2F%2Fmarkas-prediktor.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20BERMAIN%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fmarkas-prediktor.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-181985728&@b3:1706422379&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:12:59 GMT
x-t: 0.248
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynCRSaME4ZhHdK4c0Tjul6zoZaI0SFE%2FHh1P1BA%2BC8FYx%2BN5keehgfCUygfPFzHMPDTiMAmuo3gGTlRJyFgHLIGhvjgkiTaxQw9ZXTmr80WKJ0jhyIjr4OpBA6UQ1nrrmhObY%2FsZ2UXNrxo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 84c71640ffdd3376-MIA
expires: Sun, 28 Jan 2024 06:12:58 GMT

GET
H2 200 pixels
bcp.crwdcntrl.net/ Frame 7C50 0
0 53ms
53ms Document
text/html 18.211.142.103

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C92%2C79%2C61%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.142.103 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-length: 4091
content-type: text/html
date: Sun, 28 Jan 2024 06:13:00 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.7.66

GET wp-emoji-release.min.js
zona-bermain.com/wp-includes/js/ Frame A34E 0
0

GET /
t.dtscdn.com/widget/ Frame A34E 0
0

GET tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame A34E 0
0

GET dtscout
pd.sharethis.com/pd/ Frame A34E 0
0

GET /
t.dtscout.com/pv/ Frame A34E 0
0

GET

throtle
match.prod.bidr.io/cookie-sync/ Frame 0881
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IEL0ASZHXTLlTGISRgSRbBX9
https://thrtle.com/sync?_reach=1&vxii_pdid=IEL0ASZHXTLlTGISRgSRbBX9&vxii_pid=12&vxii_pid1=7002&vxii_rcid=c3aab941-7a09-4f57-a13e-1e5b68bc8585&vxii_rmax=1
https://match.prod.bidr.io/cookie-sync/throtle?

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stags.bluekai.com
URL: https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGAACWW18GUAAAAIZH1dAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1275.23381%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1275.23381%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=1491990

Domain: x.dlx.addthis.com
URL: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=1aa618d1-4548-452c-9fe0-a29cf17233fc

Domain: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Domain: zona-bermain.com
URL: https://zona-bermain.com/kombinasi/

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/throtle?

Domain: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Domain: t.dtscdn.com
URL: https://t.dtscdn.com/widget/?d=1040170642237250578C5E26DACD5E6F&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2F&r=https%3A%2F%2Fmarkas-prediktor.info%2F

Domain: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js

Domain: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Domain: t.dtscout.com
URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=1e6hzk7wi5&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=74nn&_cb=_dtspv.c

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/throtle?

Verdicts & Comments Add Verdict or Comment

234 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

78 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/ttd	1969-12-31 23:59:59	Name: oo Value: 1
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
i.liadm.com/s	1970-01-20 18:43:34	Name: _li_ss Value: CicKBgjdARCKFwoGCKIBEIoXCgYIiwEQihcKBgjSARCKFwoFCH4Qihc
sky.pasukanantidepo.shop/	1970-01-21 02:45:58	Name: HstCfa4660281 Value: 1706422372359
sky.pasukanantidepo.shop/	1970-01-21 02:45:58	Name: HstCla4660281 Value: 1706422372359
sky.pasukanantidepo.shop/	1970-01-21 02:45:58	Name: HstCmu4660281 Value: 1706422372359
sky.pasukanantidepo.shop/	1970-01-21 02:45:58	Name: HstPn4660281 Value: 1
sky.pasukanantidepo.shop/	1970-01-21 02:45:58	Name: HstPt4660281 Value: 1
sky.pasukanantidepo.shop/	1970-01-21 02:45:58	Name: HstCnv4660281 Value: 1
sky.pasukanantidepo.shop/	1970-01-21 02:45:58	Name: HstCns4660281 Value: 1
.dtscout.com/	1970-01-20 20:24:22	Name: df Value: 1706422372
.dtscout.com/	1970-01-20 20:07:05	Name: l Value: 1040170642237250578C5E26DACD5E6F
.pasukanantidepo.shop/	1970-01-20 20:05:39	Name: __dtsu Value: 1040170642237250578C5E26DACD5E6F
.sharethis.com/	1970-01-21 02:47:24	Name: __stid Value: ZGAACWW18GUAAAAIZH1dAw==
.sharethis.com/	1970-01-21 02:47:24	Name: __stidv Value: 2
.dtscdn.com/	1970-01-20 22:18:07	Name: uid Value: 1040170642237250578C5E26DACD5E6F
.tynt.com/	1970-01-21 02:45:58	Name: uid Value: CoIKSWW18GWxH+LwPUBQAg==
.pasukanantidepo.shop/	1970-01-20 18:00:22	Name: lotame_domain_check Value: pasukanantidepo.shop
.onaudience.com/	1970-01-21 02:45:58	Name: cookie Value: 7155e997ad8662f2
.onaudience.com/	1970-01-20 18:01:48	Name: done_redirects147 Value: 1
.tynt.com/	1970-01-20 20:09:58	Name: pids Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1706422373813%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1706422373813%7D%2C%7B%22p%22%3A%22b32ef6f991%22%2C%22f%22%3A1%2C%22ts%22%3A1706422373813%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1706422373813%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1706422373813%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1706422373813%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1706422373813%7D%5D
.adsrvr.org/	1970-01-21 02:47:24	Name: TDID Value: 21dd445f-53ea-410b-9287-9275ccc51e48
.tapad.com/	1970-01-20 19:26:46	Name: TapAd_TS Value: 1706422373944
.tapad.com/	1970-01-20 19:26:46	Name: TapAd_DID Value: 779ed7a5-35a5-4b1a-95d2-4636b76203c3
.go.affec.tv/	1970-01-21 02:45:58	Name: ck Value: 65b5f065bc6e4100010bdaae
.go.affec.tv/	1970-01-21 02:45:58	Name: oo Value: 1
.33across.com/	1970-01-21 02:45:58	Name: 33x_ps Value: u%3D212460214435093%3As1%3D1706422374001%3Ats%3D1706422374001
.linkedin.com/	1970-01-20 20:09:58	Name: li_sugr Value: 757e7662-ef7b-4ed8-816c-97bda61f6fc9
.linkedin.com/	1970-01-21 02:45:58	Name: bcookie Value: "v=2&9e406862-2f10-4b35-8924-d36ff3a02957"
.linkedin.com/	1970-01-20 18:01:48	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2702:u=1:x=1:i=1706422373:t=1706508773:v=2:sig=AQEqC1CquyWFpHRXGhwCzABbb6qu5Lhg"
.onaudience.com/	1970-01-20 18:01:48	Name: done_redirects236 Value: 1
.tapad.com/	1970-01-20 19:26:46	Name: TapAd_3WAY_SYNCS Value: 1!678
.eyeota.net/	1970-01-21 02:47:24	Name: mako_uid Value: 18d4eb30edc-35b40000010a5570
.rlcdn.com/	1970-01-21 02:45:58	Name: rlas3 Value: 2vu9bSQjuaTju8rwuN9hxh+W9sOAenMhks2bQjUOscY=
.ml314.com/	1970-01-21 02:47:24	Name: pi Value: 3641664108781109264
.eyeota.net/	1970-01-20 18:00:22	Name: SERVERID Value: 21872~DM
.adnxs.com/	1970-01-21 03:36:22	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:09:58	Name: XANDR_PANID Value: _QrVkvuLgMHvwpfraR-CxLSoXUjdNRnDw5IKXg9NWpajZmqFRll2QpB8OlIJO63orW6bqg3XsqtfpVI-gNFEF9GS9UIrV-G-ynknzg1sgvI.
.adnxs.com/	1970-01-20 20:09:58	Name: uuid2 Value: 5294388161815131724
.rlcdn.com/	1970-01-20 19:26:46	Name: pxrc Value: CObg160GEgUI204QAA==
.adnxs.com/	1970-01-20 20:09:58	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2E?cn?54o!]tbP6j2F-XstGt!@Dha$pj8z
.lijit.com/	1970-01-21 02:45:58	Name: ljt_reader Value: IEL0ASZHXTLlTGISRgSRbBX9
.pippio.com/	1970-01-21 02:45:58	Name: did Value: 3hyK99-DOwt3VOVe
.pippio.com/	1970-01-21 02:45:58	Name: didts Value: 1706422374
.pippio.com/	1970-01-20 19:26:46	Name: nnls Value:
.pippio.com/	1970-01-20 19:26:46	Name: pxrc Value: CObg160GEgYIgr0rEAA=
.adsrvr.org/	1970-01-21 02:47:24	Name: TDCPM Value: CAEYASABKAIyCwjazeXW3PTPPBAFOAFaB21zc20xMTVgAg..
.doubleclick.net/	1970-01-21 03:36:22	Name: IDE Value: AHWqTUl4x28pHT4qqMXe8-bM_8J6AalNdEY3xPvPtwRkx0_UjzlEz9-wtwtO9pdSgXw
.go.affec.tv/	1970-01-21 02:45:58	Name: pt Value: eyJhbiI6eyJkdCI6MTcwNjQyMjM3NCwiaWQiOiI1Mjk0Mzg4MTYxODE1MTMxNzI0IiwibHMiOjE3MDY0MjIzNzR9LCJ0dCI6eyJkdCI6MTcwNjQyMjM3MywiaWQiOiJDb0lLU1dXMThHV3hIK0x3UFVCUUFnPT0iLCJscyI6MTcwNjQyMjM3M30sInRkIjp7ImR0IjoxNzA2NDIyMzc0LCJpZCI6IjIxZGQ0NDVmLTUzZWEtNDEwYi05Mjg3LTkyNzVjY2M1MWU0OCIsImxzIjoxNzA2NDIyMzc0fSwidiI6MH0=\|1706422374\|ae3fd6970a1c958e8328e921b7501826ce7e1943
.krxd.net/	1970-01-20 22:19:34	Name: _kuid_ Value: QD-teA62
.onaudience.com/	1970-01-20 18:01:48	Name: done_redirects109 Value: 1
.intentiq.com/	1970-01-21 03:36:22	Name: IQver Value: 1.9
.onaudience.com/	1970-01-20 18:01:48	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-21 02:45:58	Name: zc Value: 353d3f62-6796-438a-78e2-9e9b625d882d
.zeotap.com/	1970-01-20 18:01:48	Name: zsc Value: K_I%1AP%E0%E5%E4%3A%26%F1%1E%F9%B6%C4%C9%E5%FDx%04%E6%5BK%98%D3n%23%0E%92%2A_C%AA%DE%27%BB%1E%F3C%DE%8B%10M%FEv%80R%AE%F1%92g%D6%7B%AD%D2%5D%5B%B9%DE%02%F3%B1_t%C3%F2%7B%00%A3%D8%17%40w%A7~%3AW%8F%D4%1E%97g%EA
.liadm.com/	1970-01-21 03:36:22	Name: lidid Value: 1aa618d1-4548-452c-9fe0-a29cf17233fc
.turn.com/	1970-01-20 22:19:34	Name: uid Value: 8233015085601279756
.rezync.com/	1970-01-21 03:21:58	Name: zync-uuid Value: d861f7ba-777c-427e-bda3-d66fa0f036a9:1706422376.7564077
.rfihub.com/	1970-01-21 03:21:58	Name: eud Value: H4sIAAAAAAAA_13IsRGAIAwF0AmsmCNegPg_uE0QM5ClpZNaemf53pU4G3JwuJA8xApPGdOrTCBcQyu875kKK6USKzeYkndavuyNz88vyFuVVFoAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNrIwNDAwNjWwNDUzMzI3sjA1NxLiM9SNCjYyzHGpCDL19XUHAO6gGE4lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4BAgd2o3RKSQVO7uPlgXRnOlkHwljJ-sSpcCOrXVkfczqAgzJ05OhJI_9bsTbjoAAAA
.rfihub.com/	1970-01-21 03:21:58	Name: rud Value: H4sIAAAAAAAA_-MSNrIwNDAwNjWwNDUzMzI3sjA1NxLiM9SNCjYyzHGpCDL19XUHAO6gGE4lAAAA
live.rezync.com/	1970-01-21 03:21:58	Name: sd-session-id Value: .eJwNylEOgyAMANC79FuWUqRFLmNQSkI22SLuZ8a7z8-XvBPmj-5batoOiMf-1QHWV73VIZ7Q62_TJ0SgYBGdx8kzk1DwQnAN0LX3-m5zzffJgW2RJRkRWc1IombJyZnMXBIWdJymaAV5JHLCD_E8oghcf8BRJgI.ZbXwaQ.zBGarafxo0I43sMylBxF95TmpZQ
.simpli.fi/	1970-01-21 02:47:24	Name: suid Value: 4C22590201E7425597D084FEF2BB9994
.dtscout.com/	1970-01-20 18:00:27	Name: m Value: 5
.dtscout.com/	1970-01-20 18:00:25	Name: st Value: 5
.dtscout.com/	1970-01-20 18:00:36	Name: oa Value: 5
.lijit.com/	1970-01-21 02:45:58	Name: _ljtrtb_2 Value: 4C22590201E7425597D084FEF2BB9994
.demdex.net/	1970-01-20 22:19:34	Name: demdex Value: 63530041822388089741781883118847520233
.dpm.demdex.net/	1970-01-20 22:19:34	Name: dpm Value: 63530041822388089741781883118847520233
.t.sharethis.com/	1970-01-20 18:20:31	Name: pxcelPage_default_c010_C Value: 5_0_1706422374046
.t.sharethis.com/	1969-12-31 23:59:59	Name: pxcelBcnLcy Value: 78
.lijit.com/	1970-01-21 02:45:58	Name: ljtrtb Value: eJyrVjJSslIycTYyMrU0MDIwdDU3MTI1tTR3MbAwcXN1M3JysrS0NFGqBQCyLwj7
.crwdcntrl.net/	1970-01-21 00:29:10	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 00:29:10	Name: _cc_id Value: 7806a064f8ae922543ddf0b06ffb7829
.crwdcntrl.net/	1970-01-21 00:29:10	Name: _cc_cc Value: "ACZ4XmNQMLcwMEs0MDNJs0hMtTQyMjUxTklJM0gyMEtLSzK3MLJkAILUrR%2ByQDQE8F4%2F3GrEuEeL4T8jI8O9D5Yw5rmjh5hh7J8bp7DA2JdOPWKDsXfvuywAY39ouA9nH148B67%2B7tqn3DA175YgxBv%2Ba8KEF844wARj%2F%2BvSgjEBpWNAPQ%3D%3D"
.crwdcntrl.net/	1970-01-21 00:29:10	Name: _cc_aud Value: "ABR4XmNgYGBI3fohC0hBACsDA9cMEJNRazaEmgWi%2BNwdQBS%2Fzn4gCQC2GAY2"
.lijit.com/	1970-01-21 02:45:58	Name: _ljtrtb_5001 Value: 7806a064f8ae922543ddf0b06ffb7829

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://momen.tm/ZdO9uN Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://sky.pasukanantidepo.shop/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IEL0ASZHXTLlTGISRgSRbBX9' because its MIME type ('image/gif') is not executable.
security	error	URL: https://bolo.treksantuy.xyz/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IEL0ASZHXTLlTGISRgSRbBX9' because its MIME type ('image/gif') is not executable.
security	error	URL: https://king.laskar2d.xyz/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IEL0ASZHXTLlTGISRgSRbBX9' because its MIME type ('image/gif') is not executable.
security	error	URL: https://v1.prediktorangka.xyz/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IEL0ASZHXTLlTGISRgSRbBX9' because its MIME type ('image/gif') is not executable.
security	error	URL: https://markas-prediktor.info/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IEL0ASZHXTLlTGISRgSRbBX9' because its MIME type ('image/gif') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
a.dtssrv.com
adsbaner.files.wordpress.com
antoboomerblog.files.wordpress.com
ap.lijit.com
api.intentiq.com
bcp.crwdcntrl.net
beacon.krxd.net
blogger.googleusercontent.com
bolo.treksantuy.xyz
cdn.datatables.net
cdn.jsdelivr.net
cdn.tynt.com
ce.lijit.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
code.jquery.com
d.turn.com
data-beacons.s-onetag.com
de.tynt.com
dis.criteo.com
dolarpro.files.wordpress.com
dp1.33across.com
dp2.33across.com
dpm.demdex.net
e.dtscout.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
ic.tynt.com
idsync.rlcdn.com
kaptenoleng.com
king.laskar2d.xyz
live.rezync.com
m2.treksantuy.xyz
map.go.affec.tv
markas-prediktor.info
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
ml314.com
momen.tm
mwzeom.zeotap.com
onetag-geo.s-onetag.com
p.rfihub.com
pd.sharethis.com
pippio.com
pixel.onaudience.com
pixel.tapad.com
ps.eyeota.net
px.ads.linkedin.com
s.w.org
s10.histats.com
s4.histats.com
s4is.histats.com
secure.adnxs.com
sky.pasukanantidepo.shop
spl.zeotap.com
stags.bluekai.com
sync-tm.everesttech.net
sync.mathtag.com
sync.sharethis.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
track2.securedvisit.com
treksantuy.asia
treksantuy.tech
um.simpli.fi
ups.analytics.yahoo.com
usermatch.krxd.net
v1.prediktorangka.xyz
wget.angkapaito.net
widget.angkapaito.net
x.bidswitch.net
x.dlx.addthis.com
zona-bermain.com
get.s-onetag.com
kaptenoleng.com
match.prod.bidr.io
pd.sharethis.com
stags.bluekai.com
t.dtscdn.com
t.dtscout.com
x.dlx.addthis.com
zona-bermain.com
100.25.178.23
104.18.34.83
107.178.254.65
13.225.195.127
13.225.195.59
13.225.195.75
142.4.219.198
146.59.148.16
149.56.240.131
15.197.193.217
151.101.66.49
172.253.115.155
172.96.191.134
18.211.142.103
18.214.41.71
18.215.220.20
192.0.72.18
192.0.72.22
192.0.77.48
199.38.167.130
216.200.232.249
23.220.132.230
23.34.194.26
23.73.207.17
2600:1f18:ed:550e:6c65:3c0a:bacf:2e64
2606:4700:10::6814:4f63
2606:4700:10::ac43:28ad
2606:4700:10::ac43:e8b
2606:4700:20::ac43:4aba
2606:4700:21::8d65:780a
2606:4700:3031::6815:6083
2606:4700:3031::ac43:b058
2606:4700:3032::ac43:d74f
2606:4700:3033::6815:51c
2606:4700:3034::ac43:9ed3
2606:4700:3035::6815:5055
2606:4700:3036::6815:3d6a
2606:4700:3036::ac43:a392
2606:4700:3037::6815:605a
2606:4700:3037::ac43:b044
2606:4700::6812:bcf
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c1f::84
2620:112:f002:bbbb::23
2620:1ec:21::14
2a04:4e42:200::485
2a04:4e42:200::649
3.130.132.252
3.161.213.66
3.211.54.87
34.111.113.62
34.117.77.79
34.193.241.34
34.197.192.192
34.200.65.202
35.194.66.159
35.211.178.172
35.244.154.8
44.194.20.78
50.17.221.242
52.15.236.209
52.21.33.16
54.146.37.4
54.192.51.122
54.192.51.72
67.202.105.24
67.202.105.32
67.202.105.33
68.67.161.208
74.119.119.150
85.187.128.38
00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95
06710711e7517c22412aa923d472e9cce857b02605e4c0049cdc7edb666a132c
08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd
09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3
0f1e4f7008ccffa6948dbcc9eb98f7356a0f3e7bbf0d87a77289820eaa8027e7
0f411642419857380d101881b9ac0df988e4f296332601e27b9b0ded054d2291
113c26ae750bcb91910ea9713f6d68189afee52c5a73669d1c3c5b977be02cad
1170d80cfac6e8afb7ddd54409ab556396199d0a91d6d4c4347af0a6cd4723ad
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363
118de8cf537f918fddebc1a3e05e71080d7b4bf810fa9b1f21870de27c89ac69
17535b70f24e86a5bca91dbe61a2aa561407829b1fe4f5d12561c6131dc86f8b
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1da9716ff327a20103375d98dee841e288e5f2998bdb2e49b9b3d6cf59dde864
217bcf44778fff8fe41a593c79e0c86edd524460f7618f12e132566d17fd5b4c
2388f1b8ef95668322254f1ae8523c148beceddccd6e239bd683281835e1180b
248c38ba8b148146d9b650f4ef035c048d8840ff90c3f7e84e7b1f40037c3318
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689ac2a7453661922762dcd23b84bda4ef74a05c9c3740f817f411af2f6084c
278aac37da73f0a92a0126107f77f7c25f9dc25ecd9e7a612ad0de80a37cb409
28d63fec48ab0c89355c23de6727b6fe04de522a4760f9cfa8361f7de40a745d
2911350b34b9b288c262ef237130911ee9eb84833e6e3d271a1559bf1e86c4fc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2bf5907894a70b877089c24817fcc65db655cfed28840aa16c8f3810cd412620
2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182
2d551b2bfc076c5db44efe46c3ccd835369133065cc06ccbf0585ed070079f48
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e3778a72114f13a5b18b9d25df758bfbf0d55bf442ba5c9007b96593d959b90
2ef8819c623f045339c8a2ffe8b442801765e1245b634c5bc8246b4fbd67a395
2f871fee6fdc802e757bb0453f141c299717af2cd28eeed56012892ce28f1ef4
304a2a3e7f848ccef1fd73c8e12133b204b94e6f6d5b4e2e4967e652a032f298
31fbef2d8aa8eb899334230f74c59be161cb7a3fef953d60d698855548e7c825
3237c5ab8d2ff9f2cce7ba4052f4aa626fa2e868d9f66ecde527edce232a3d80
324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064
3485295530761106ba56255187cc1f9a7f7cddb3b54eb1030dbd0c415b76afbc
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414
3a56bb8abe848444bfd0e0ed1bb7a52310059e447c1c505955e682679e19f451
3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b
3e6701810a770c2cdb7710c43056f6c2422cf8c30653dd1ab209bcff5a4548e0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4111d0de448c0dbbb0dc170a0e580da1029ac1fe68de77d330b41ba1cbc4d0c2
42e792c4264f30663f715f0019025df6c67066e834c8c36298e9a96fdc8cd038
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
47673d5aabc799bac8fff9c6aee465537302fbf6a5869c4217ae0fd299714077
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d
4f322fbeab1b9d9238f3b1b83d5c7b47d63c0211f10dbe02620ba5c65e8eb5f3
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013
50bb9e362f34ad462b13405ef66cc2dd869a2c28d2b0f64d7fe03658afc9c0f0
51657894d582014e07c19a90007b911b5778078a5838eb727f3656fa438be887
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54b138ffe626e047f27a44f52c77da85672cd12c7fc53a79f900559c85164de2
574c654adc51059882c66279ee0d42eb585735d5a2bc8cb010f1e91eb04e483f
59249b78d3ce44e4356aa987b9e0b837ff3255fd635730eb75b8294dbafb17a3
5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8
5cdf948f65cf951821da557dc5b8cc9067c64589070285feab8aa6f7c64657e0
5ce581a1bb3ae65bd553d034f9d5973dd8af7f856d2bd5efa095ed41cee7f949
5d771c7db362c1697c04dbb3e24720ad5ef4c73f75daaeedc4e1b1fe640509bb
60753d7fdcfbff1bc5de6cfa1b1d7c4041e32257bebaa6459843f9e6e5dbe302
618d62ceaca1223e16de2c8939a1963a95c34b0ac75852f835f93e5b42f20871
61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271
627a1a84ba0a2fc04202a87bdc32be2fb26820f613775ba684856484e007b4c9
6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc
652c463da97d1e1f7f3c31bfb81e978632c13a944bd78180979dbf5dd4e0b0a3
65c2849166f779b2b5c16440a7f16a2dbe1b86a5a030b6185cb46b92705dc732
66a473125f8059c97da4ecbf72df457a34dab3fd2a2fcb1c788bea59dcd87e21
6926aa8fc9c2ccb8e1422f51833cca10b8da3de2051ef7a52b6dd4a2e3011ded
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1b3baced4e8e74a848013175cad7e2867c72507880cab144f51eeb9e7d8448
6ee5599420176d6c73cb80505f7d287e527d903336f0cfb2348ace130fb7d6f1
6f99eb912d0974e3eb866a918bfce5fa7ceef19041bed5a4d1163a2af05e22c6
708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47
7120798bd821aad18f1b7c5dbf402f92bf9460ace6dc08655c6f9d327484f88b
7261ac909063abccd2f148d068599ffff4a1b14efaef9d4d6811346195f5fe9c
730412109bc24c266a27e4c2248182c8952c1ec999199851413a1779cd7d0ce7
7380c39ec1fbcf6ff16ff145bd0ed5033c2b84b41270dae4b05a327a19ba9e66
74683c31bb42dd97ef6dc15b39077002ee2743440ea539e8cbc01a4f43c9c3ca
76e5d6293065206efe5136386e2f5455ef8d347dceedfea716494937c58e4c0c
776bf55e5c196430c0d9bb394fdc8a37ea7a55b6e3044ae8c0815d4a3bcc542f
79980af9382b2ed28478d04a6b7e7119b4a3b4cf055978bf0bcf7fbe74a3136f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985
7e22819d3433cfdb5d3f848fee01b7cccc863970901de5efa3e80a7eadbd48c4
7e78ac302ebdef9842d5c628cef762ed1ad4b9650dd4915810cbf3cdaa86010c
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b
8084ba0a6b770ebad7c2008062cce2addda48238bae32f6b720766072ed2937b
82a61040198394ed6f9e59a3b5131bca0af02f194a690b977ea9b244d9897f27
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6
859fc224dfddea3a5015809ea2d6f46bd8510f039046c3c158f7c018d8f5fbab
87d3abed87820941c3f8f4d8cc01563a8ef74d7886c948b9b0da3e3929bfce92
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8a68e4e1e0faf5cec1082b25b95f4d820985fda95177b826e7c16a70f5afae19
8ac1e08581c5691d74fb1a69b925f400e14db93ddc9451db0b72456e4af3a2f7
8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788
9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f
91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc
93f28a18a1df638b539f6bde99c048a50ad7b8a5643c6966a0546a0c50f7cace
943c6368a5480cf4d817121a274cfee0d86b65414ac092b208bd2f256bfac2d5
95cf5e4b3f56fa2d8aae7f6196f6cadb653b68b19520048c75a91ad12d6203df
96974bf81a3309711a809ce3c78f7ba01590e8273d610a23c4ec3d72314ab647
98857c12df908b8cfcdb70f4e1e9fb8bcf84267837dba3d4427b8b1f888ac196
9897213de7aacf723ae4372872a710aecdb0c31fe8a4bb1af9e75ce6b677895f
9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f
9bff8afd4c585e71c29cd40f7d9018e71d3e827bc6ca9ade7773acf7121372e0
9c5106cfc1835d6213c497eb31fd0b3f034a3630a33fd51ed1f020f370034b2b
a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2
a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4
a67688ddcf966aaf218b1f154d3830ad065e23ef063d71b4f96436ab9a717a9a
a6a3283156db24254aec7fe7b93f88ef8193a0b61d31056cb5bb210617dcd626
a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a
a901faf466eb18d0507011a76611e62d27823c2739d7c858ad731f48e839dff2
aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952
aa8c5185e21fe4e9378c15e60ee2780ce4a61e42e3ea9ffc8c3fd85d3bd047d9
ab28525af13ce6f2aa74c54d16f533ee08d6df5555277b29093bb98a3df58a90
ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3
ac6002b55a7bc33de07da0fc1391dbd8b61598823a7768591aed4b0e4a5e421a
add3315d7a7bb82510756eb8828798744b2613a242d9388a73acc0b67b9101a9
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b
b4b7afe4efaa2750f23de419dcaf08b30ec0ce355885c3c5b38d164933ce94d0
b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67
bd19ceba5593dce80a475ea69709bd5a6cf752e2483153024ad3052ba9af1aa4
bfcef82755bac56e01032d196dc587e851fcfb9a2a1882c7e283b9ea451a17a0
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4
c2744159aabad669e4581c889ad963af5e4ece5f383f7b56571bcc737c07eb2d
c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb
c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
c865fbae27fc2f008b555a9c2a9d057f870dc216d9db301c8f8588910673e3c3
ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6
cabd6c6e2ce478bc6a9344f5f75f501bbf6b7ba8fd54d7487e7a09279f3a34d7
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd00638573fb85c0ab0273522a410e21d5118ee86f03a17f77713870adc6aa4e
d30f436b9752f07747f2b72cc77985554918de4f9b5e74c65271c89e3b1501b6
d457376f6a719e35ed3cbfbfb13ab5c49e98e0ab79eaf60ff253f35ea867d340
d80f6523545dad74a52c6afbc2db2210fa1418e86cdf000233c482e199ed8b79
d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
d900b283989b03b160f4d638c96129b850ae0d267588b057e53aaa96920d669e
da6d3195e96bfbfe1cecd660de92fe05a71437900b1dff539a9d6f5e45c28277
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
daf9a29faaa9b5a3a465f3f5048a5c4a2737ca8a1af1c4e746fddbc8f9910968
dbd4ea5e26cff619ebe31130ce16126cdcaff265a697139b20c80a960954832f
dc887f124f649e95762713f34c6e7d8ef383571f6a354d916964732b1950664a
dc9354ae446f83517107e9d7002f8d4686d0109bddd630ee1bf5750504a3714a
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e0ff626d853e4ead8a67b5b6f21954d700a99d240fac512dd8625edc19534d32
e1069c844742374ce5d55bf288826350c3c5c26c1bcdbde43f76c51c8e2df535
e267f31b517666122236197871cd2076698dcc0818f9f811722a0ac6d3ad2552
e31a5516051e3dcd6be48ada99dbf2d270db37dd3a304fded21e105f6c733bf5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945
eb7151ca0d77e0125fe9a89dfae59d7dcdb36527ffb391715de9380635d0cf73
eb88f6616421886b52eb182ffc54db023dc3e0b076576378da5e22df7788669b
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb8d3fc8b90b38cbc75cb3f22e313a370f0eada11e7eba19e8047c6f60943dd
efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f
f017d1630a163790465f348b29d4721facb1d4353e695dd730b869e28e4bcd3d
f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502
f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15
f3015b454eba4cc362de0ec1a16108624208981aca6c0eb84ceacceddbbb93c4
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
f564100347e9b3cc6448108ae2837d97eb49d3009154452879c4a146dd482183
f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7a268fe54141807077d99c931e63dc4ed814892add35accf4f92fb98b0030d0
f7bc1b794480ca073b0a3ff2bdfdd6d5171458d2828ea18e4b80edb151f2289d
fa7337e4bc30dd3db3861c272a32f98911b0bbf1a60557e0f124ba2713f35fd4
fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9
fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
fe369aa1004409e05f5184452df947217f15250a2350d34ef5961981ceee17b4
fe5b9f2de2eb7ded4746b2316d4176e3a3175fa2594ae4e417e3b2d3cf95aef3
fffe2bbb1e6c64b3540176029b620af1fcbbc30861c94299b895760b80cd7357

sky.pasukanantidepo.shop Open in urlscan Pro 2606:4700:3034::ac43:9ed3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

400 Requests

88 %HTTPS

34 %IPv6

61 Domains

83 Subdomains

60 IPs

5 Countries

110476 kBTransfer

113546 kBSize

78 Cookies

30 Outgoing links

Redirected requests

400 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sky.pasukanantidepo.shop Open in urlscan Pro
2606:4700:3034::ac43:9ed3 Public Scan

Screenshot
Live screenshot

Full Image

400
Requests

88 %
HTTPS

34 %
IPv6

61
Domains

83
Subdomains

60
IPs

5
Countries

110476 kB
Transfer

113546 kB
Size

78
Cookies

400 HTTP transactions
9 data transactions